2OURC3

@2ourc3

building things - breaking others | @auditor_codes

Joined February 2021

22Following

2KFollowers

2OURC3 Retweeted

5pider@C5pider · Jul 9

Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth! infinitycurve.org/blog/introduct…

184

725

206

55.0K

2OURC3@2ourc3 · Jun 29

Joining @rektoff_xyz bootcamp about Solana Rust Security! Really thrilled and thankful to start this one :D

629

2OURC3@2ourc3 · Jun 20

Releasing this fun tool Golem based on @0xdea, LLVM, LLM and @semgrep Golem automates C/C++ vulnerability discovery by combining Semgrep rule scans, LLVM call-graph & CFG slicing, and AI-driven context analysis. Tool: github.com/20urc3/golem Article: bushido-sec.com/index.php/2025…

2ourc3's tweet card. Discover how combining SemGrep, LLVM, and local LLMs like Ollama can boost vulnerability research. From funny IKEA frustrations to slicing control-flow graphs, meet Golem—your new automated bug...

122

7.0K

2OURC3@2ourc3 · Jan 27

Write-up of my v8 bug: Critical type confusion in V8's Turboshaft compiler allowed stale pointers to bypass GC, leading to exploitable memory corruption. Full details + PoC: bushido-sec.com/index.php/2025…

2ourc3's tweet card. V8 Turboshaft Load Elimination Type Confusion Vulnerability (CVE-2024-6773)Exploitable Memory Corruption via Garbage Collection Race Condition Executive Summary A critical type confusion vulnerabil...

248

109

16.0K

2OURC3@2ourc3 · Jan 3

I wrote a comprehensive guide on harnessing libraries for effective fuzzing with AFL++ ! Have a look => github.com/20urc3/Publica…

2ourc3's tweet card. This repository contains the public work I produced, wheter it is research, post, slides, sometimes videos, and materials of my talks. - 20urc3/Publications

113

5.0K

2OURC3@2ourc3 · Dec 31

✨️ Happy new year hackers! ✨️

866

2OURC3@2ourc3 · Dec 30

Going to #38c3 was on my wishlist for MANY years. I am extremely happy to have been able to attend this super fun con for the first time, I've watch many great talks, met a bunch of really cool nerds and loved the hacking atmosphere! ✨️

2ourc3's tweet image. Going to #38c3 was on my wishlist for MANY years. I am extremely happy to have been able to attend this super fun con for the first time, I've watch many great talks, met a bunch of really cool nerds and loved the hacking atmosphere! ✨️

1.0K

2OURC3@2ourc3 · Dec 6

🥳CVE-2024-53589: I discovered a heap buffer-overflow vulnerability in objdump affecting version 2.43, during a fuzzing campaign with @aflplusplus More details: bushido-sec.com/index.php/2024…

2ourc3's tweet card. Security vulnerability in GNU Binutils 2.43 objdump allows buffer overflow via malformed tekhex files, potentially leading to information disclosure and ASLR bypass.

119

10.0K

2OURC3@2ourc3 · Nov 22

Following 7zip 24.08 release, @thezdi disclosed yesterday my vulnerability in 7zip 24.07: CopyCoder Infinite Loop Denial-of-Service Vulnerability - CVE-2024-11612 I found this vulnerability last summer during a fuzzing campaign with @aflplusplus bit.ly/4fZUnfz

2ourc3's tweet card. 7zip vulnerability disclosure infinite loop results in DoS attack

6.0K

2OURC3@2ourc3 · Oct 12

My talk at lehack! Hacking satellites from SDR to RCE

lleHACK@_leHACK_ · Oct 12

🇫🇷 Hacking Satellites: From SDR to RCE - Salim LARGO - 2ourc3 youtu.be/AhtTHXyMz9c

1.0K

2OURC3@2ourc3 · Jul 21, 2024

It was a fantastic experience giving a talk about automated vulnerability research for SANS today. Grateful for this opportunity, very happy to meet all the other fantastic speakers there.

2ourc3's tweet image. It was a fantastic experience giving a talk about automated vulnerability research for SANS today. Grateful for this opportunity, very happy to meet all the other fantastic speakers there.

3.0K

2OURC3@2ourc3 · Jul 16, 2024

Really proud! My vulnerability in Chrome v8 has been disclosed today! CVE-2024-6773 Type confusion in the v8 engine. chromereleases.googleblog.com/2024/07/stable…

2ourc3's tweet image. Really proud! My vulnerability in Chrome v8 has been disclosed today! CVE-2024-6773 Type confusion in the v8 engine.
chromereleases.googleblog.com/2024/07/stable…

172

16.0K

2OURC3@2ourc3 · Jun 24, 2024

Join meet at @_leHACK_ for my talk: Hacking satellites: From SDR to RCE. 👾

lleHACK@_leHACK_ · Jun 24, 2024

[🎙️ #Talk] Discover #leHACK 2024 talk: Hacking satellites: From SDR to RCE presented by @2ourc3 📅 Saturday, July 6th ⌚ 14:45 ℹ️ Details: buff.ly/3VNMOl3 🎟️ Tickets: buff.ly/3Vcrbtg

2.0K

2OURC3@2ourc3 · Jun 14, 2024

Thats a wrap! Except the mandatory bug in the demo, it went pretty smoothly! Thanks Stephen for the invite, hope you all liked the talk

SStephen Sims@Steph3nSims · Jun 14, 2024

Introduction to Fuzzing

9.0K

2OURC3@2ourc3 · Jun 13, 2024

Thanks @Steph3nSims for this opportunity! Hope you all will enjoy this one!

SStephen Sims@Steph3nSims · Jun 13, 2024

Super excited about tomorrow's Off By One Security stream at 11AM PT. We have @2ourc3 coming on to present on Fuzzing. This one will be a demo & workshop and you can choose to follow along! Install instructions: github.com/20urc3/Talks/t… Stream link: youtube.com/watch?v=gTISW-…

2.0K