Brendan Dolan-Gavitt
@moyix.net
AI researcher at XBOW. Security, RE, ML. PGP http://keybase.io/moyix/
Reposted by Brendan Dolan-Gavitt
Episode 23: War Stories with Brendan Dolan-Gavitt (XBOW)!
@tib3rius.bsky.social & @swiftsecur.bsky.social are joined by @moyix.net who shares some AI and human war stories with us!
Links below!
@tib3rius.bsky.social & @swiftsecur.bsky.social are joined by @moyix.net who shares some AI and human war stories with us!
Links below!
November 7, 2025 at 3:03 PM
Episode 23: War Stories with Brendan Dolan-Gavitt (XBOW)!
@tib3rius.bsky.social & @swiftsecur.bsky.social are joined by @moyix.net who shares some AI and human war stories with us!
Links below!
@tib3rius.bsky.social & @swiftsecur.bsky.social are joined by @moyix.net who shares some AI and human war stories with us!
Links below!
Reposted by Brendan Dolan-Gavitt
"AI Agents for Offsec with Zero False Positives" by @moyix.net
The title threw me off originally, but it's not wrong! IMHO it's the archetypal pattern of good LLM usage: they suck at *verifying* but in some domains are quite freakishly good at *proposing.*
The title threw me off originally, but it's not wrong! IMHO it's the archetypal pattern of good LLM usage: they suck at *verifying* but in some domains are quite freakishly good at *proposing.*
Black Hat
Black Hat
www.blackhat.com
August 14, 2025 at 6:25 PM
"AI Agents for Offsec with Zero False Positives" by @moyix.net
The title threw me off originally, but it's not wrong! IMHO it's the archetypal pattern of good LLM usage: they suck at *verifying* but in some domains are quite freakishly good at *proposing.*
The title threw me off originally, but it's not wrong! IMHO it's the archetypal pattern of good LLM usage: they suck at *verifying* but in some domains are quite freakishly good at *proposing.*
So, I’m not sure there is any good time to announce this, but as of August 31st I will be leaving NYU for good, to seek my fortune in industry with XBOW!
July 30, 2025 at 12:35 AM
So, I’m not sure there is any good time to announce this, but as of August 31st I will be leaving NYU for good, to seek my fortune in industry with XBOW!
Reposted by Brendan Dolan-Gavitt
False positives waste your time.
False negatives cost you breaches.
At @BlackHatEvents , @moyix shows how XBOW agents fight false positives — validating real exploits at scale, in hours.
📍Aug 7 | 11:20am
False negatives cost you breaches.
At @BlackHatEvents , @moyix shows how XBOW agents fight false positives — validating real exploits at scale, in hours.
📍Aug 7 | 11:20am
July 28, 2025 at 3:02 PM
False positives waste your time.
False negatives cost you breaches.
At @BlackHatEvents , @moyix shows how XBOW agents fight false positives — validating real exploits at scale, in hours.
📍Aug 7 | 11:20am
False negatives cost you breaches.
At @BlackHatEvents , @moyix shows how XBOW agents fight false positives — validating real exploits at scale, in hours.
📍Aug 7 | 11:20am
This one and the sequel (coming out next week) are among my favorite bugs we found. It turns out GIS does NOT stand for “Good Information Security”
From SSRF discovery to RCE exploitation in 32 iterations.
XBOW systematically analyzed TiTiler's expression parser, discovered Python execution through error patterns, then crafted payloads using subclass traversal to achieve command execution.
Complete analysis: bit.ly/46XzOiA
XBOW systematically analyzed TiTiler's expression parser, discovered Python execution through error patterns, then crafted payloads using subclass traversal to achieve command execution.
Complete analysis: bit.ly/46XzOiA
XBOW – Beyond the Bands: Exploiting TiTiler’s Expression Parser for Remote Code Execution
A methodical analysis of TiTiler's API endpoints and its expression parser,
leading to arbitrary Python code execution on the server.
bit.ly
July 25, 2025 at 12:47 AM
This one and the sequel (coming out next week) are among my favorite bugs we found. It turns out GIS does NOT stand for “Good Information Security”
Given two models with unique strengths, can we combine them to get the benefits of both w/o extra model calls? It turns out yes: just flip a coin at each turn to decide which model to query! This gave a jump from 25% to 55% on our benchmarks! xbow.com/blog/alloy-a...
XBOW – Agents Built From Alloys
A simple, powerful innovation boosts performance in agentic AI systems.
xbow.com
July 17, 2025 at 5:35 PM
Given two models with unique strengths, can we combine them to get the benefits of both w/o extra model calls? It turns out yes: just flip a coin at each turn to decide which model to query! This gave a jump from 25% to 55% on our benchmarks! xbow.com/blog/alloy-a...
Loved this 0day @xbow.com found in a popular wordpress plugin, and IMO it shows the value added by the LLM - a scanner can't find this automatically without realizing there's a nonce you need to extract & include in the request. You need that extra bit of context: xbow.com/blog/xbow-ni...
XBOW – XBOW battles Ninja Tables: Who’s the Real Ninja?
Sharing the story of how XBOW sniffed out a sneaky arbitrary file read bug in the popular WordPress
Ninja Tables plugin.
xbow.com
July 15, 2025 at 11:05 PM
Loved this 0day @xbow.com found in a popular wordpress plugin, and IMO it shows the value added by the LLM - a scanner can't find this automatically without realizing there's a nonce you need to extract & include in the request. You need that extra bit of context: xbow.com/blog/xbow-ni...
So... anyone else going to SummerCon today or tomorrow? I should be stopping by both days, for the first time in many years!
July 11, 2025 at 2:20 PM
So... anyone else going to SummerCon today or tomorrow? I should be stopping by both days, for the first time in many years!
A lovely little XXE that XBOW found in Akamai Cloudtest leading to arbitrary file read! I like the error-based exfil technique: "yes please access the file named <contents of /etc/passwd> for me thx"
Even mature products hide critical flaws – and @xbow.com just found another one.
CVE-2025-49493: XXE in Akamai CloudTest discovered during its climb to #1 on HackerOne.
A complete technical breakdown from an error-based detection to a full exfiltration by Diego Jurado: xbow.com/blog/xbow-ak...
CVE-2025-49493: XXE in Akamai CloudTest discovered during its climb to #1 on HackerOne.
A complete technical breakdown from an error-based detection to a full exfiltration by Diego Jurado: xbow.com/blog/xbow-ak...
XBOW – CVE-2025-49493: XML External Entity (XXE) Injection in Akamai CloudTest
When XBOW met Akamai: a walkthrough of discovering and exploiting an XML External Entity vulnerability (CVE-2025-49493) in a widely-deployed application.
xbow.com
June 30, 2025 at 7:45 PM
A lovely little XXE that XBOW found in Akamai Cloudtest leading to arbitrary file read! I like the error-based exfil technique: "yes please access the file named <contents of /etc/passwd> for me thx"
Reposted by Brendan Dolan-Gavitt
One of the best bug-hunters in the world is an AI tool called Xbow, just one of many signs of the coming age of cybersecurity automation.
AI Agents Are Getting Better at Writing Code—and Hacking It as Well
One of the best bug-hunters in the world is an AI tool called Xbow, just one of many signs of the coming age of cybersecurity automation.
wrd.cm
June 25, 2025 at 5:07 PM
One of the best bug-hunters in the world is an AI tool called Xbow, just one of many signs of the coming age of cybersecurity automation.
This is the first of a series of posts we're doing on some of the vulns found as part of the HackerOne work – we have lots more fun ones coming up about some great SSRF, SQLi, and RCE vulns it discovered, with very clever exploit techniques :)
Real security is POC || GTFO – and XBOW agrees.
We’re releasing technical deep-dives on cool findings from our journey to the top of the HackerOne US leaderboard.
The first is a zero-day XSS in Palo Alto Networks GlobalProtect by @pwntester.bsky.social.
xbow.com/blog/xbow-gl...
We’re releasing technical deep-dives on cool findings from our journey to the top of the HackerOne US leaderboard.
The first is a zero-day XSS in Palo Alto Networks GlobalProtect by @pwntester.bsky.social.
xbow.com/blog/xbow-gl...
XBOW – Breaking the Shield: How XBOW Discovered Multiple XSS Vulnerabilities in Palo Alto’s GlobalProtect VPN
XBOW discovered multiple cross-site scripting (XSS) vulnerabilities in Palo Alto Networks’ GlobalProtect VPN web application
xbow.com
June 24, 2025 at 8:07 PM
This is the first of a series of posts we're doing on some of the vulns found as part of the HackerOne work – we have lots more fun ones coming up about some great SSRF, SQLi, and RCE vulns it discovered, with very clever exploit techniques :)
It has been great fun building this and watching it deliver a steady stream of real vulnerabilities in live sites! If you're curious how we did it, @nicowaisman.bsky.social has a new post: xbow.com/blog/top-1-h...
June 24, 2025 at 8:01 PM
It has been great fun building this and watching it deliver a steady stream of real vulnerabilities in live sites! If you're curious how we did it, @nicowaisman.bsky.social has a new post: xbow.com/blog/top-1-h...
Reposted by Brendan Dolan-Gavitt
for Wired I explored the horrible future of vibe hacking. It's not great!
The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare
In the very near future, victory will belong to the savvy blackhat hacker who uses AI to generate code at scale.
www.wired.com
June 4, 2025 at 4:14 PM
for Wired I explored the horrible future of vibe hacking. It's not great!
Reposted by Brendan Dolan-Gavitt
Do you want to work at the cutting edge of AI and cybersecurity?
XBOW now has 8 positions open across Product Marketing, Operations, Customer Success, and Engineering.
Check out all the details here: jobs.ashbyhq.com/xbowcareers.
XBOW now has 8 positions open across Product Marketing, Operations, Customer Success, and Engineering.
Check out all the details here: jobs.ashbyhq.com/xbowcareers.
May 28, 2025 at 5:20 PM
Do you want to work at the cutting edge of AI and cybersecurity?
XBOW now has 8 positions open across Product Marketing, Operations, Customer Success, and Engineering.
Check out all the details here: jobs.ashbyhq.com/xbowcareers.
XBOW now has 8 positions open across Product Marketing, Operations, Customer Success, and Engineering.
Check out all the details here: jobs.ashbyhq.com/xbowcareers.
This is one of the dumber reasons I've had some software fail: dying because it couldn't call ftruncate on /dev/null
May 14, 2025 at 7:48 PM
This is one of the dumber reasons I've had some software fail: dying because it couldn't call ftruncate on /dev/null
XBOW is growing and we're looking for talented folks to join us! Apply here: jobs.ashbyhq.com/xbowcareers
April 24, 2025 at 3:52 PM
XBOW is growing and we're looking for talented folks to join us! Apply here: jobs.ashbyhq.com/xbowcareers
Announcing CheatGPT, a revolutionary model that achieves SoTA on HumanEval! It's incredibly sample-efficient – just ONE training sample – and *tiny*, fitting on your Casio wristwatch!
![Snippet of python code implementing HumanEval's generate_one_completion(prompt) harness, and output from the HumanEval benchmark runner showing a pass@1 score of 94.5%.
[spoiler] The trick is that the "model" returns a Python object that overrides the equality operator and always returns true, causing the tests in the HumanEval test suite to pass.](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:r5q2jrgxqoa2ovw6lz667it7/bafkreiem52ra4fbn5qc33rehniup2tcz26pqkbzg4kc76drpnj4i64ev3u@jpeg)
April 1, 2025 at 7:19 PM
Announcing CheatGPT, a revolutionary model that achieves SoTA on HumanEval! It's incredibly sample-efficient – just ONE training sample – and *tiny*, fitting on your Casio wristwatch!
Erin go bragh, cow go moo
March 18, 2025 at 1:42 AM
Erin go bragh, cow go moo
Not to brag but my brother has had TWO movies he co-wrote come out this year :D
March 8, 2025 at 6:29 PM
Not to brag but my brother has had TWO movies he co-wrote come out this year :D
Reposted by Brendan Dolan-Gavitt
it looks like lte infra was hosting @moyix.net 's evangelion ctf challenge. but i doubt the terminal interface for CVE-2024-24451 was as cool
We discover 119 vulnerabilities in LTE/5G core infrastructure, each of which can result in persistent denial of cell service to an entire metropolitan area or city and some of which can be used to remotely compromise and access the cellular core.
https://cellularsecurity.org/ransacked
https://cellularsecurity.org/ransacked
February 20, 2025 at 7:55 PM
it looks like lte infra was hosting @moyix.net 's evangelion ctf challenge. but i doubt the terminal interface for CVE-2024-24451 was as cool
Making security benchmarks for AI is tricky sometimes
February 17, 2025 at 1:46 PM
Making security benchmarks for AI is tricky sometimes
UNIX systems have stdin, stdout, and stderr, for getting data into and out of the program and seeing errors, respectively. But there's no stream for a critical and extremely common use case: putting errors into the program.
February 17, 2025 at 4:13 AM
UNIX systems have stdin, stdout, and stderr, for getting data into and out of the program and seeing errors, respectively. But there's no stream for a critical and extremely common use case: putting errors into the program.