Stephen Sims
@Steph3nSims
Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://www.youtube.com/@OffByOneSecurity
We're almost at 30K subscribers on YouTube, have over 100 videos, passed 50K hours watched, and are up to 21 members! Please consider helping us to promote the channel to get a wider reach! All proceeds go back to the community! youtube.com/@OffByOneSecur…
If there's interest I was thinking about doing a stream for an hour this Friday while I'm teaching a class on introductory Windows exploit development. Next Friday I'm hoping to continue turning the recent patch diff we did on ole32.dll into a crash condition PoC.
Thanks to the team @dreadnode for joining me for an informative stream today! You can watch the recording on YouTube here: youtube.com/watch?v=BzOmGw… @offby1security
Building and Deploying Offensive Security Agents with Dreadnode x.com/i/broadcasts/1…
Rise and shine! We're going live on Off By One with @Steph3nSims this afternoon—meet us here at 11 AM PT: youtube.com/live/BzOmGw-La…
Join me this Friday at 11AM PT on the @offby1security stream with the team from @dreadnode for a session on "Building and Deploying Offensive Security Agents!" youtube.com/live/BzOmGw-La…

Join me this Friday at 11AM PT on the @offby1security stream with the good folks from @dreadnode for a session on offensive/adversarial AI. Details coming soon!
Exploiting a Windows Application Using Return Oriented Programming x.com/i/broadcasts/1…
I will be streaming a portion of the SANS SEC660 course I'm teaching today in DC on Introduction to Windows Exploit Development. We will use ROP to get around DEP on Windows 11. 1PM PT youtube.com/watch?v=cbIEwz…
Fuzzing Linux Kernel Modules, with Slava Moskvin. Stream by @slava_moskvin_ hosted by @Steph3nSims about building a custom fuzzer to rediscover CVE-2025-0927 in the HFS+ filesystem implementation. youtube.com/live/uCcsZrXyL…
Perhaps one of the most badass CVEs I've ever seen from @midwestneil 💪😤 cisa.gov/news-events/ic…
Got my ticket, hotel & flight booked for @defcon. Last year was my 1st time, thanks to winning a free trip via @Steph3nSims & @offby1security members. Thanks to that trip, I was able to land my 1st cybersecurity job & now they're sending me this year!
An awesome talk about many of these changes was also done back in 2021 by @yarden_shafir i.blackhat.com/USA21/Wednesda…
People often ask about how Windows kernel memory allocations work ever since the introduction of the segment heap into ring 0.
Good morning! Just published a blog post diving into Windows Kernel Pool internals: basics, memory allocation functions, internal structures, and how Segment Heap, LFH, and VS work. r0keb.github.io/posts/Windows-…
Join me on the @offby1security channel for a stream with the amazing @albinowax on August 15th @ 11AM PT on "Novel HTTP/1 Request Smuggling/Desync Attacks!" Be sure to turn on alerts for the channel on YouTube... youtube.com/watch?v=B7p8dI…

Based on feedback from this tweet I'm going to do a more thorough example of using an IDA MCP Server for vulnerability research. In the one below, it focused more on the challenges. I'll do one that shows more about how you need to provide context to get better results.
I posted a short 9-minute video on using MCP with IDA for vulnerability analysis. It's open to YouTube members now and will go public on Tuesday. Thanks! youtu.be/ZFABxmJTm6Y I'm using @mrexodia's IDA MCP Server which is the best I've seen yet. github.com/mrexodia/ida-p…