Richard Johnson
Fuzzing; Vulnerability Research;
Deep Learning; Reverse Engineering
Training & Publications @ http://fuzzing.io
Hacking the planet since 1995
Undercurrents.io BOFH
I'll stop the world and melt with you
- This may be the only offering of my fuzzing class at a conference this year and includes updates for targeting edge devices and arm64!
- Don't miss out on Richard Johnson's - @richinseattle.bsky.social - training on "Advanced Fuzzing and Crash Analysis" at #OffensiveCon26 More details here🔗https://buff.ly/I8w5EEO
- Reposted by Richard Johnson🚨 In 2026, Richard Johnson - @richinseattle.bsky.social - returns to OffensiveCon with a training on "Advanced Fuzzing and Crash Analysis". More details here🔗https://buff.ly/I8w5EEO 🚀 Don't miss this chance to improve your skills - sign up now!
- Reposted by Richard Johnson@richinseattle.bsky.social’s ai agents for cybersecurity course at RE//verse looks neat!
- Reposted by Richard JohnsonMiss our #defcon panel hosted by @richinseattle.bsky.social @vacci.ne and chompie? It's up on YouTube!
- Reposted by Richard JohnsonPhrack turns 40. The digital drop is live. Download it. Archive it. Pass it on. 💾 www.phrack.org #phrackat40 #phrack72
- Reposted by Richard JohnsonNEW: Earlier this month, two hackers published their findings in Phrack magazine after earlier breaking into the computer of a North Korean government hacker. Now, in speaking with @lorenzofb.bsky.social, the two hackers explain why they went public — even though their breach was probably illegal.
- Reposted by Richard JohnsonAre you going to @defcon.bsky.social?? We'll be giving away 9500 print copies of Phrack! Come by main stage Sunday @ noon to see @vacci.ne @richinseattle.bsky.social and chompie talk hacker history! This will mark the first time Phrack staff appear together on DEF CON’s main stage.
- Reposted by Richard JohnsonAI Agents for Cybersecurity by Richard Johnson (@richinseattle.bsky.social) www.hexacon.fr/trainer/john...
- Reposted by Richard Johnson@richinseattle.bsky.social Richard Johnson, at the forefront of AI Security Research for years, is doing a new two day dojo course at CanSecWest2025_newtype, before 24/25 conference. Check out his presentation last year at CanSecWest "The DL on LLM Code Analysis " at secwest.net/2024-recordi...
- Generated a few fuzz harnesses using new local models, OlympicCoder was best, fixing own bugs zero-shot & few hallucinations Open R1 OlympicCoder 32B DeepSeek R1 Distill Qwen 32B QwQ 32B Gemma-3-27b-it All 4bit quant. Coder was by bartowski, the rest were Unsloth dynamic quant
- My new APPLIED DEEP LEARNING AI FOR CYBERSECURITY training class is now available for sign ups at @reconmtl for 5500 CAD ($3838 USD) early bird pricing Full syllabus and registration here: recon.cx/2025/trainin...
- My Applied Deep Learning AI for Cybersecurity training will be at RECON’s 20th anniversary con! I have a fuzzing harness gen section but will also cover model training/tuning & AI agents w/ applications in malware, RE, bug hunting, and web app pen-testing. There are also 3 other fuzzing trainings!
- Reposted by Richard JohnsonFriends, FBI has responded to my FOIA request for Kevin Mitnick's files, and have made them available to everyone via the FBI public portal here: vault.fbi.gov/kevin-mitnic...
- Reposted by Richard JohnsonGet your macOS 15.2 xnu CodeQL database here! 🎉 github.com/blacktop/dar...
- Mount up, time to ride!
- New Year, New Life.
- Happy New Year!
- Did anyone else get a blue box for Christmas?
- Reposted by Richard JohnsonWe updated our CFP for Phrack 72! The deadline is now April 1st 2025. Check the site for specifics on how to contribute, as well as some inspiration! We also posted a link to purchase physical copies of Phrack 71, and a donation link too. Enjoy! phrack.org
- So I guess I'm going to be participating in the Solana hackathon with some LLM magic. I could not have predicted this at the beginning of the year.
- News: Murderer was fond of a game where you take the role of an assassin. The game? Among Us. Never mind the cute cartoony aesthetic, this is a training ground for would-be killers! ROFL.
- I approve this message. A little digital hygiene will save your ass.
- If you're developing backend services for the web, you should probably be publishing your APIs using MCP so AIs know how to use them. www.anthropic.com/news/model-c...
- Reposted by Richard JohnsonWatch the recording of my #ekoparty talk "Advanced #Fuzzing with #LibAFL" here: youtu.be/FI7C37lz4Rg?... Thanks @fede-k.bsky.social for this amazing event!
- I need some 2d sprite animations for a project. Dall-e knows what that means but is being stubborn. Anyone know a good resource besides fiverr?
- I also have a couple 3D models that might work (they aren't cute llamas tho), but messing with rigging and creating frames for an animation and then exporting them to a sprite sheet / animated gif also sounds tedious and I'd pay a small amount for that work too
- China announced a ban on exports of Gallium, Germanium, and Antimony - natural resources used in semiconductors, solar cells, lead alloys for military etc. I found myself looking for what that might mean for our industries and found these annual natural resource reports from USGS
- From the reports: Antimony has plenty of supply chain, Belgium and Germany have a 1/3 of Germanium, Gallium is the one that no one produces cuz China makes a ton of cheaply. That’s the one that will have a longer tail to spin up production, but allies do have the resource.
- Am I the only one who gets really annoyed about plagiarism on social media? It’s important to credit your sources no matter the medium.
- This thread seems to be copied from someone else on Twitter without credit but is a good summary. Original: x.com/omarsar0/sta...
- This thread seems to be copied from someone else on Twitter without credit but is a good summary. Original: x.com/omarsar0/sta...
- I can only imagine the cringe, ain’t nobody got time to read that pathetic shit.
- RELEASE: Andrew Tate staff chats (1.5 GB) ddosecrets.com/article/andrew-tate… 148 channels used by staff members for Andrew Tate's subscription course service The Real World and "The Council," a group of Real World users who pay thousands of dollars to participate in the forums.
- I love when cmake just works to build other peoples code, but it always takes an hour to debug when I find one that hasn’t been properly written. It’s almost always me brute forcing my way to build targets on windows. Fortunately my experience in fuzzing has fortified my patience for such things.
- Reposted by Richard JohnsonNah include me in the dataset I go willingly my ass is gonna live forever through the machines. 100000 year SwiftOnSecurity chalice will clink against those of the future and settle scores past my death
- Reposted by Richard Johnson[This post could not be retrieved]
- Reposted by Richard Johnson[Not loaded yet]
- Dance with the Dead makes some pretty great gothic/baroque synth metal darkwave music to keep the juices flowing, all their albums are free on YT youtube.com/playlist?lis...
- Polymorphic Log4J exploit that is a valid JSON REST API request (credit tw:@d0znpp)
