Stu Kennedy

@NoobieDog

Followers
2,459
Following
1,479
Media
565
Statuses
12,708

Maker, Hacker, Security Researcher, Motorsport Enthusiast!

GTFO
Joined June 2011
Pinned Tweet
@NoobieDog
Stu Kennedy
4 years
Words to live by: The Internet:🌐 "Assume they ARE watching, ACT appropriately" Surveillance:🕵️ "Don't impregnate the people you're surveilling" Life:🧬 "Be Kind! Be Humble!"
3
7
22
@NoobieDog
Stu Kennedy
7 months
BitLocker Key retrieval on a Windows 11, Lenovo X1 Carbon Gen 11 via SPI Sniffing. The TPM on the backside of the Motherboard, there are various test pads.
20
219
1K
@NoobieDog
Stu Kennedy
4 years
@iancanwrite @TimelessP I lold, but expect a van ;)
3
4
603
@NoobieDog
Stu Kennedy
5 months
Vulnerability Disclosure: Me: Hi, do you have a contact to discuss vulnerabilities in your product? Them: Na fam, chill! We got this!! 🤨
25
26
561
@NoobieDog
Stu Kennedy
1 month
So 4 months ago, i started an interview process to join a "hardware hacking team" in the UK, however the company is global. The job advert was for a "Senior Hardware Hacker" and was being handled by a recruitment agency. I applied and got a response within 24 hours. 1/*
18
15
455
@NoobieDog
Stu Kennedy
4 years
Found the perfect tshirt!
8
33
221
@NoobieDog
Stu Kennedy
7 months
I'm starting a TPM-Sniffing repo with data on what devices are vulnerable to these kinds of attacks and a list of great research that goes with it. @ghidraninja @en4rab @lucasteske @qrs @wrongbaud and many more. Please share
5
78
194
@NoobieDog
Stu Kennedy
3 years
log4j included ;)
7
30
141
@NoobieDog
Stu Kennedy
1 month
So the code i was asked to review live is from this course More specifically, this code. I had never seen it before. 13/*
6
3
136
@NoobieDog
Stu Kennedy
1 month
I guess i need to learn more about code reviews for a decent role in hardware hacking... good job things like @OpenSecTraining exist and have great courses! onwards and upwards! 12/*
7
2
121
@NoobieDog
Stu Kennedy
5 years
Today. I get married. 😬
26
0
111
@NoobieDog
Stu Kennedy
1 month
The CTF process was fun, and there were multiple areas id expect to be covered for a hardware hacker. - Code Review - Hardware Protocols and Analysis - Firmware Analysis - Web Applications - Crypto 5/*
1
0
110
@NoobieDog
Stu Kennedy
1 month
After a lengthy call with the recruiter (who actually was a nice guy, but didn't really understand the job role/expertise that was on offer/or being wanted) it was decided to put me through to the company offering the job. 2/*
2
0
107
@NoobieDog
Stu Kennedy
1 month
After 5 mins, he clearly isn't interested and cuts the call short, not really talking about my thought process of what i was trying to show, bits i was looking at in the code. It's like he wanted me to directly see a stack or Int overflow etc.. My brain doesn't work like that. 9/*
3
0
106
@NoobieDog
Stu Kennedy
1 month
weeks pass and I do not hear back at all. i chased both the Admin and CTF reviewer from the company for feedback or advice to move forward. I chased the recruiter... All ghosted me! 11/*
3
0
105
@NoobieDog
Stu Kennedy
1 month
A day or so passes and i get a nod from the recruiter that the company is "VERY" interested in me and would i be willing to have a quick chat about the role with a senior. I have the call, but it's not about the job/role, more that i live 2 hours away from the office... 3/*
1
0
103
@NoobieDog
Stu Kennedy
3 years
Today, DID NOT go to plan! Im ok!
24
0
102
@NoobieDog
Stu Kennedy
1 month
He goes on to further explain that 90% of the job is "Code Reviews" and that i should have a better understanding of vulns in code... He then asks me to do a ten min real-time code review of 620 lines of C code, live while screen sharing. So feeling the pressure, but i agree 8/*
2
0
100
@NoobieDog
Stu Kennedy
4 months
@nikgeneburn Please for the sanity of every player! Fix the raid waiting times.. 25mins is outrageous time to wait regardless if beta or not! PVE times are even worse! 2-3mins max! All this tells me is, your network engineering isn’t great and BSG don’t know how to scale!!
34
0
96
@NoobieDog
Stu Kennedy
1 month
Regardless, i get put through to another call to an onboarding admin, who asks about my experience etc.. but they were questions that my CV answers in detail. Did they have my CV? I get through to the CTF part of the interview process. 4/*
1
0
97
@NoobieDog
Stu Kennedy
7 months
I have 6 Laptops to extract BitLocker keys from, Dell, Gigabyte, HP and PC Specialist. Will detail and record progress as i go!
7
8
92
@NoobieDog
Stu Kennedy
1 month
I say thank you for the time and express that although i don't know as much as i probably should with code reviews, it's something I'm willing to learn, and that it's good that i excelled in the "hardware hacking" parts. We end the call. 10/*
1
0
93
@NoobieDog
Stu Kennedy
1 month
I do all the challenges, feel good about most of it apart from the Crypto and Code Review side of things, but i try my best. Highly detailed report gets sent! 2 weeks pass and i finally get a CTF review call. 6/*
1
0
91
@NoobieDog
Stu Kennedy
1 month
The call starts well, the person reviewing the report is a Senior Hardware Hacker (not in the UK). He explains that he is happy with most of the report but obviously i lack in Code reviews.. But did really well in the "Hardware Hacking" based parts... 7/*
1
0
91
@NoobieDog
Stu Kennedy
1 month
@CheddarB0b42 I believe they wanted a vuln researcher/reverse engineer, if that was the case, I’d have never gone for the role. But I really was heavily focused on hardware hacking.
0
0
72
@NoobieDog
Stu Kennedy
1 month
Apologies for the spelling mistakes, tired and fat fingers ;)
4
0
62
@NoobieDog
Stu Kennedy
7 months
Soldering direct to these pads allowed the @saleae logic analyser to sniff the SPI communications and find the VMK :D
2
5
62
@NoobieDog
Stu Kennedy
5 years
So today was my last day at @PenTestPartners . I cant thank each and every one of them enough! Much love to the whole company... Ive now got a bit of time off. Do some hobbies, eat some food, fight some people! Keep hacking, Keep Pwning! HAVE A GREAT WEEKEND! <3
6
1
61
@NoobieDog
Stu Kennedy
2 years
10
0
58
@NoobieDog
Stu Kennedy
3 years
W O O T
2
3
55
@NoobieDog
Stu Kennedy
6 years
👏DO 👏NOT👏USE 👏SECURITY 👏AS 👏STRETCH 👏GOALS👏 @cybergibbons
2
13
53
@NoobieDog
Stu Kennedy
3 years
All BugBounties should now only accept log4j submissions but 100% donate the bounty to the maintainers of log4j instead of the beg bounties skids using copy and paste
5
1
55
@NoobieDog
Stu Kennedy
1 year
So its been exactly 1 month i've stayed drug free... you may be thinking WTF Stu, but... Prescribed Opioids are dangerous as fuck! Please seek help and get off them ASAP 12 years is a long time! Was for me and its not been easy but i feel so much better! My DMs are open!
5
0
52
@NoobieDog
Stu Kennedy
4 years
2
4
50
@NoobieDog
Stu Kennedy
11 months
Every lab has its differences, @dcuthbert has a bloody xray machine for example! But if you wanna know where to start, @wrongbaud has built a fantastic set of pages to follow with great examples! To set up your own hardware hacking lab.
1
13
52
@NoobieDog
Stu Kennedy
3 years
@ghidraninja cheers for this brother! Lovely bit of kit
1
1
41
@NoobieDog
Stu Kennedy
3 years
Mercedes: £1200 for a new maf unit.. Me: I don't need a new MAF unit, i need a MAF Sensor... Mercedes: £1200 or GTFO Me: Find Actual MAF sensor from Bosch, £89 Me: Replaces sensor, Car is working great again! Fucking dealers and the prices are silly!
5
0
45
@NoobieDog
Stu Kennedy
7 months
2
5
43
@NoobieDog
Stu Kennedy
5 years
Bottom line. I did not leave @PenTestPartners because they were shit, far from it, great bunch of people, great jobs and loads of fun. I left because “I” wanted to step away from consultancy and wanted to try something a bit different! Please stop with the DMs asking!
2
4
42
@NoobieDog
Stu Kennedy
3 years
Id be interested to see what hardware is vulnerable to log4j Might start a github repo to list shit @cybergibbons @arturo182 @CyberAntani @GossiTheDog @dcuthbert Down?
4
4
36
@NoobieDog
Stu Kennedy
6 years
Today is my first day at @PenTestPartners . Let the hacking commence!
10
0
38
@NoobieDog
Stu Kennedy
5 years
A blog series i have been working on for some time. A lot of Fails but some wins and more to come! Long version: Short Version: Enjoy @PenTestPartners @pwntestpartners
1
9
36
@NoobieDog
Stu Kennedy
5 years
@nixcraft i always plug it into somebody else's computer first ;)
2
0
35
@NoobieDog
Stu Kennedy
6 years
Slowly slowly getting there! Need a bookcase and shelves i think
6
3
33
@NoobieDog
Stu Kennedy
3 years
Know thy roots! @sensepost
1
2
32
@NoobieDog
Stu Kennedy
4 years
Wake up, log into twitter, see the infosec industry killing itself again, close twitter, get back into bed! Sigh...
4
3
32
@NoobieDog
Stu Kennedy
4 years
@cherepanov74 looks to me like an implant GSM bug, something like this
1
1
32
@NoobieDog
Stu Kennedy
3 years
If you use the #UkraineRussia conflict as a marketing ploy! You are a complete cunt!
1
2
30
@NoobieDog
Stu Kennedy
1 year
And another one!
2
0
28
@NoobieDog
Stu Kennedy
4 years
Yeet!
5
0
30
@NoobieDog
Stu Kennedy
3 years
How nice would it be to be 100% honest on a CV. Instead of “hardworking, passionate, team player” Put “I will put everything into my work until you either piss me off or treat me like a mug, then I'll fuck you all up” Hmm 🧐 @cybergibbons
1
0
28
@NoobieDog
Stu Kennedy
4 years
Today! Today i hate cars
7
0
28
@NoobieDog
Stu Kennedy
5 years
@cornerpirate Mine is from this beautiful bastard! His name is “Noobie” and was my “dog”. ❤️
4
0
27
@NoobieDog
Stu Kennedy
4 years
So after having the head skimmed, ported and polished, i had new valve guides installed then they needed reaming! That took a while! After that, had to lap the valves in and then give the head the final deep clean before installing all the new parts! #vr6 #corrado
8
0
28
@NoobieDog
Stu Kennedy
3 years
@cybergibbons you have a lot to answer for!
1
3
27
@NoobieDog
Stu Kennedy
4 years
100% NOT sketchy at all!
10
0
27
@NoobieDog
Stu Kennedy
5 years
pentesters, take note, this annoyed me for a few days!
1
7
26
@NoobieDog
Stu Kennedy
4 years
I enjoyed this great article! nice work!
@WithSecure
WithSecure™
4 years
New report on @FSecureLabs : Hunting for backdoors in counterfeit Cisco devices Read up on the tear down of 2 counterfeit Cisco switches.
1
27
47
3
4
26
@NoobieDog
Stu Kennedy
7 months
@ghidraninja Yes Sir, latest release, Fully updated/patched
1
0
25
@NoobieDog
Stu Kennedy
7 months
This is for reference only! Thanks to @ghidraninja and @en4rab for assistance and DM's
2
1
23
@NoobieDog
Stu Kennedy
10 years
Python HTTP Directory Scanner (DirBuster) Proxy/BasicHTTP/Verbose/Requests/User-agents #python #pentest @ToolsWatch
1
14
22
@NoobieDog
Stu Kennedy
9 months
Thread: This year i ran a full season in competitive racing. I have calculated about a £13K cost for the whole season from start to finish (race entry, tires, fuel, transportation, parts, etc...) There were times where i lived on pot noodles for a week to save money to race
2
0
23
@NoobieDog
Stu Kennedy
4 years
Its not broke and works very well, so im going to strip it 100% down and rebuild like new but with race parts! It wont be cheap, but it will be worth it!
6
0
21
@NoobieDog
Stu Kennedy
3 years
All registered for this years racing! And new licence dropped today! Woot
1
1
22
@NoobieDog
Stu Kennedy
4 years
If you feel you have an argument against this thread... go fuck yourself... BE KIND BE HUMBLE Its disgusting how some people act!
2
2
22
@NoobieDog
Stu Kennedy
4 years
For those that asked (most of you didn't) here is me giving all opsec up and spilling my beans! Cars are important to me! My race car is important to me I'm giving you and everybody an insight into my life If you're going to abuse me/it Please subscribe
5
2
22
@NoobieDog
Stu Kennedy
2 years
Absolutely enjoyed @Steel_Con #steelcon yesterday! Met some great people and caught up with some great friends! @ZephrFish @myexploit2600 John @ghostie_ And many more. Didnt get to see @scriptmonkey_ but I’m sure i will another time! Great con and very inclusive!
4
4
21
@NoobieDog
Stu Kennedy
4 years
Here is a question: Is it possible to be part of/and good in Infosec if you don't have a twitter account? How do you share research? How do you see/learn latest things?
14
1
21
@NoobieDog
Stu Kennedy
2 years
2
1
19
@NoobieDog
Stu Kennedy
4 years
I love car weekends
6
0
20
@NoobieDog
Stu Kennedy
9 months
I wrote a 77 page “blog” that describes how I hacked a baby camera. However it doesn’t have the finish id hoped! Still fun, still learned! Will publish soon
2
0
20
@NoobieDog
Stu Kennedy
5 years
Really needed somebody to talk to today! Instead, i went for a 2 hr walk down the Thames river in Reading! It really helped clear my head! Tomorrow is always another day! #mentalhealth #goodtotalk #MentalHealthMatters
6
1
20
@NoobieDog
Stu Kennedy
4 years
Hacker/followers! Just wanna say! I love yall! If you ever want to talk, dm me!
1
1
20
@NoobieDog
Stu Kennedy
5 years
Thank you all for your wonderful messages and comments ❤️
5
0
19
@NoobieDog
Stu Kennedy
3 years
Just in case you didn't see these earlier!!
4
1
19
@NoobieDog
Stu Kennedy
6 years
Brilliant Blog post and research. Well done @xoreipeip
@gcluley
Graham Cluley
6 years
Virgin Media has fixed multiple vulnerabilities in its Super Hub 3.0 broadband modem (14 months after being told about them) that could enable hackers to remotely monitor network traffic and execute commands
4
32
37
2
8
18
@NoobieDog
Stu Kennedy
4 years
2
4
17
@NoobieDog
Stu Kennedy
5 years
2
1
17
@NoobieDog
Stu Kennedy
5 years
Brilliant!
@Newlockie
newlock.ie
5 years
@BadLocksmithing the homeowner has lived here for a year, they never noticed
7
10
34
4
2
15
@NoobieDog
Stu Kennedy
3 years
Lol
2
0
18
@NoobieDog
Stu Kennedy
3 years
fuck apple... treat people better! *yes i own an iphone
2
5
18
@NoobieDog
Stu Kennedy
7 years
Nice and Easy Snoop-NG replacement, not as feature rich ;) @sensepost @glennzw
0
11
17
@NoobieDog
Stu Kennedy
5 years
Created and ordered my first PCB! So fucking excited!
3
0
17
@NoobieDog
Stu Kennedy
3 years
What a day! Car was flawless
7
0
18
@NoobieDog
Stu Kennedy
3 years
Things i have learned this weekend! (thread) 1: Devs have a shitty time supporting their FREE code to the masses, as users are needy bitches and DONT RTFM! As a dev of some tools, it's hard sometimes to squash bugs, test and make things work 100% all the time
2
0
17
@NoobieDog
Stu Kennedy
6 years
I HATE REPORTING!!! 🤬
6
1
17
@NoobieDog
Stu Kennedy
4 years
Anybody else find this look appealing!
6
0
17
@NoobieDog
Stu Kennedy
5 years
Awesome work and research from @leonjza as usual! Top tier right here folks!
@leonjza
_leon_jacobs(💥)
5 years
Very, very hacky, but got a #meterpreter running on an iOS 13.1 device after some inspiration from @timwr , using a mettle dylib and @fridadotre . All without a jailbreak ofc. Not a lot of useful meterpreter iOS features, but science... :)
7
84
205
0
5
15
@NoobieDog
Stu Kennedy
3 years
Channeling my inner Schumacher!! 😂
2
0
17
@NoobieDog
Stu Kennedy
4 years
I need answers!
1
3
17
@NoobieDog
Stu Kennedy
4 years
Another 50 ear protectors going out to local health care outfits! Printer will keep going until it breaks!
1
0
17
@NoobieDog
Stu Kennedy
4 years
Head bolted down, chain covers on, rocker cover on, coolant system on! Its the game of putting it back together and hoping its sealed 😂
3
0
16
@NoobieDog
Stu Kennedy
4 years
Today is a sad but happy day! To be part of the Plakk, to be part of this top-tier group of awesome people, has/was and still is one of the best times of my life. SP will always live on in my ethics and foundations! Long Live @sensepost Here is to the future! <3
0
3
16
@NoobieDog
Stu Kennedy
6 years
Is it normal for your car to MiTM your data connection? (Phone tether) example. Phone is @VodafoneUK , @MercedesBenz web services (in car browser at least) proxies traffic to Germany. Will play more over weekend @dcuthbert
3
4
16
@NoobieDog
Stu Kennedy
4 years
@GossiTheDog @Fox0x01 Another day, another drama (although serious) but nothing to do with INFOSEC... or the community.
1
0
16