Skip to content
View impost0r's full-sized avatar
🎯
Focusing
🎯
Focusing
98 followers · 89 following

Achievements

Achievement: QuickdrawAchievement: Starstruck

Achievements

Achievement: QuickdrawAchievement: Starstruck

Highlights

  • Pro

Block or report impost0r

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
.github/profile/README.md

$whoami

I'm impost0r, a, vulnerabilitiy researcher, exploit engineer and reverse engineer that currently specializes in Unixes and Unix likes! What have I done? Good question.

🍎 Rotten Apples v1 - macOS Big Sur code signing translocation exploit (writeup here )

  • gzdoom stack-based buffer overflow - stack based buffer overflow in handling of WAD (Where's All the Data) files in gzDoom source port, leading to arbitrary register control/RCE via crafted WADfile
  • BFFx64 - CERT's "Basic File (format) Fuzzer", ported to 64 bit, allowing it to target more things.
  • onionslice - Tor deanonymization via Shodan and misconfigured .onion
  • Marathon and VTS Local Vulnerabilities -- responsible disclosure (ew) on VTube Studio local vulnerabilities and a patcher that fixes two of them.
  • And much more! Feel free to browse my repos! Some are simple tools, some are more complex tools to get the job done.

I also have a Twitch and YouTube where I ocassionally stream. Working on acquiring a capture card. Feel free to visit and say hi sometimes! You can find more about schedules and stuff on my Twitter (currently locked, just apply to follow!) here: Twitter

See ya around!

Pinned Loading

  1. Rotten-Apples Rotten-Apples Public

    macOS codesigning translocation vulnerability.

    42 10

  2. Marathon Marathon Public

    Patcher for local VTube Studio vulnerabilities.

    C# 1

  3. BFFx64 BFFx64 Public

    CERT's Basic Fuzzing Framework, but 64 bit.

    1

  4. ts3crash-analysis ts3crash-analysis Public

    analysis of the teamspeak 3.0.19 crash released by the developers @ r4p3.net

  5. Misc-Tools Misc-Tools Public

    Miscellaneous tools I've developed over the years for help in infosec.

    Go 4

  6. gzdoom-vuln-2018 gzdoom-vuln-2018 Public

    after a few days and many gummy bear vitamins i've decided to release my research. enjoy!

    Python 1