Nostr notes by raptor :C_H:

RIP one of our favorite techniques to bypass #PaloAlto #Cortex ...

2026-03-24T05:25:20Z

RIP one of our favorite techniques to bypass #PaloAlto #Cortex #XDR 🤷

https://labs.infoguard.ch/posts/decrypting-and-abusing_paloalto-cortex-xdr_behavioral-rules_biocs/

For my #Rust projects, I’ve finally migrated from #RustRover to ...

2026-03-14T05:21:12Z

For my #Rust projects, I’ve finally migrated from #RustRover to Zed (npub1zxt…pwx0).

RR is a great IDE, but it feels much too bloated for me. #Zed, on the other hand, is a pleasure to use. So smooth!

Here’s my current config including a beautiful theme based on monokai-pro https://github.com/0xdea/dotfiles/tree/main/zed/.config/zed

@npub17wv…nag2 have you seen this? ...

2026-02-24T20:00:11Z

buherator (npub17wv…nag2) have you seen this? https://hex-rays.com/blog/plugin-spotlight-dbimporter

Just shipped updates for rhabdomancer, haruspex, and augur. Now ...

2026-02-20T08:57:46Z

Just shipped updates for rhabdomancer, haruspex, and augur. Now compatible with Hex-Rays SA (npub1wx2…r8kv) IDA 9.3 and xorpse (npub16xn…y2dt)'s idalib-rs 8.0.

These headless #IDA plugins are built for #VulnerabilityResearch workflows where you want IDA's power without the GUI. This release brings a bunch of small improvements and bug fixes.

https://hnsecurity.it/blog/streamlining-vulnerability-research-with-the-idalib-rust-bindings-for-ida-9-2/

the watchers: how #openai, the US government, and #persona built ...

2026-02-19T06:49:51Z

the watchers: how #openai, the US government, and #persona built an identity #surveillance machine that files reports on you to the feds

https://vmfunc.re/blog/persona/

Today is an excellent day to enjoy free, ad-free, non-stop #MTV ...

2026-02-13T11:47:27Z

Today is an excellent day to enjoy free, ad-free, non-stop #MTV #nostalgia

https://wantmymtv.vercel.app/

This is another incredible #talk from @npub1zze…4ut8 2025 ...

2026-02-12T16:50:52Z

This is another incredible #talk from RE//verse Conference (npub1zze…4ut8) 2025

Full-stack Reverse Engineering of the Original Microsoft #Xbox (Markus Gaasedelen gaasedelen (npub1yhp…nsy6))

https://youtu.be/hGlIkgmhZvc

The path to #pwning the PS VR2 (part 1) - "Recovery mode" ...

2026-02-05T13:11:31Z

The path to #pwning the PS VR2 (part 1) - "Recovery mode" <- yet another case study on how assumptions should always be checked in practice 🤷

https://bnuuy.solutions/2026/02/01/ps-vr2-recovery-mode.html

While waiting for the upcoming release of #IDAPro 9.3 by ...

2026-02-05T07:52:32Z

While waiting for the upcoming release of #IDAPro 9.3 by Hex-Rays SA (npub1wx2…r8kv), I have made some updates and bug fixes to my idalib-based headless IDA #plugins rhabdomancer, haruspex, and augur.

Check out the changelogs for all the details and enjoy!

https://hnsecurity.it/blog/streamlining-vulnerability-research-with-the-idalib-rust-bindings-for-ida-9-2/

RE: https://mastodon.social/@XC3LL/115990518822402879 Very ...

2026-02-01T16:54:38Z

RE: https://mastodon.social/@XC3LL/115990518822402879

Very valuable insight if you are into #redteaming

quoting
note1e6a…l4y7

A small rant:

The State of Art in Red Team is whatever you want to believe

https://x-c3ll.github.io/posts/Rant-Red-Team/

Can You Write A Web Server in PURE #BASH?! (no socat, no netcat, ...

2026-01-21T15:49:50Z

Can You Write A Web Server in PURE #BASH?! (no socat, no netcat, no external tools)

https://www.youtube.com/watch?v=L967hYylZuc

root@kaka:~ sudo apt-get install inetutils-telnetd telnet ...

2026-01-20T18:07:24Z

root@kaka:~ sudo apt-get install inetutils-telnetd telnet
root@kaka:~ sudo sed -i 's/#<off># telnet/telnet/' /etc/inetd.conf
root@kaka:~ sudo /etc/init.d/inetutils-inetd start
root@kaka:~ USER='-f root' telnet -a localhost
...
root@kaka:~#

https://seclists.org/oss-sec/2026/q1/89

We are here ...

2025-12-30T13:12:06Z

We are here

“We learn different lessons from finishing projects than we do ...

2025-12-29T07:54:58Z

“We learn different lessons from finishing projects than we do from starting them. Starting teaches us about ideation and initial implementation. Finishing, on the other hand, teaches us about perseverance, attention to detail, and the art of knowing when to let go. These are invaluable skills that can only be honed through the act of completion.”

https://www.bytedrum.com/posts/art-of-finishing/

#PoC for CVE-2025-65945 (Improper Verification of Cryptographic ...

2025-12-19T07:36:13Z

#PoC for CVE-2025-65945 (Improper Verification of Cryptographic Signature in node-jws)

https://github.com/jedisct1/CVE-2025-65945-poc

#FreeBSD-SA-25:12.rtsold Security Advisory Remote code execution ...

2025-12-19T07:35:23Z

#FreeBSD-SA-25:12.rtsold Security Advisory

Remote code execution via ND6 Router Advertisements

https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc

This is my experience with LLMs. To paraphrase @npub1mdh…52t9 ...

2025-12-18T19:02:02Z

This is my experience with LLMs. To paraphrase Federico Dotta (npub1mdh…52t9) “sometimes you just need to ask nicely”

https://hnsecurity.it/blog/attacking-genai-applications-and-llms-sometimes-all-it-takes-is-to-ask-nicely/
https://mastodon.cloud/@slashdot/115742100395423331

A cool new project by a friend Zynk - Move anything Between ...

2025-12-07T10:01:47Z

A cool new project by a friend

Zynk - Move anything
Between everything

Send folders, photos, and multi‑gig archives across phones, laptops, TVs, and servers. End‑to‑end encrypted, resumable, no size limits.

https://zynk.it/

Hey developers and vulnerability researchers! I'm currently ...

2025-12-03T15:17:36Z

Hey developers and vulnerability researchers!

I'm currently working on improving my #Semgrep ruleset for C/C++ static code analysis, and I've just published the new v1.1.0 release: https://github.com/0xdea/semgrep-rules

Some notable changes since the previous battle-tested release: new rules for detecting high-entropy assignments and ReDoS vulnerabilities, numerous enhancements to existing rules, reduced false positives without sacrificing coverage, optimized patterns across the board, and overall better documentation. Check the changelog for the full list (yes, there’s a changelog now).

Please test it inside and out, and feel free to open issues or submit pull requests. Your feedback is invaluable and will help shape the project roadmap. I'm aiming for a major release sometime before spring.

does it depend on Frida by any chance? 😅

2025-10-17T16:22:09Z

In reply to nevent1q…yru8
_________________________

does it depend on Frida by any chance? 😅

Heads up to anyone doing #Mobile #ReverseEngineering and ...

2025-10-03T07:27:44Z

Heads up to anyone doing #Mobile #ReverseEngineering and #PenetrationTesting: I've just ported my NowSecure (npub17rv…x5dh) #Frida instrumentation scripts (#iOS and #Android) to Frida 17, which introduced some breaking changes in the API.

The original, battle-tested scripts from 2017 are preserved as release 0.1 for retro compatibility and historical reference.

https://github.com/0xdea/frida-scripts

Happy hacking! 🏴‍☠️🪐

#Styx Emulator Public Release (a #Rust-based #QEMU Alternative) ...

2025-10-02T08:06:22Z

#Styx Emulator Public Release (a #Rust-based #QEMU Alternative)

https://stumbl.ing/posts/styx-emulator-release/

Great VR talk by @npub1pyk…mdt8 at #RomHack2025 ...

2025-09-27T10:54:35Z

Great VR talk by leonjza :verified: (npub1pyk…mdt8) at #RomHack2025

Dirk-jan is a friend and a fantastic hacker, but I don’t think ...

2025-09-17T18:15:41Z

In reply to nevent1q…hmrz
_________________________

Dirk-jan is a friend and a fantastic hacker, but I don’t think he was the original discoverer of ZeroLogon https://dirkjanm.io/a-different-way-of-abusing-zerologon/

I've updated my #VulnerabilityResearch and ...

2025-09-16T10:43:51Z

I've updated my #VulnerabilityResearch and #ReverseEngineering tools to use the latest version of [@binarly_io](https://bird.makeup/users/binarly_io ) award-winning #idalib #Rust bindings, which support Hex-Rays SA (npub1wx2…r8kv) IDA Pro 9.2 and their freshly open-sourced SDK.

#Rhabdomancer - Vulnerability research assistant that locates calls to potentially insecure API functions in a binary file.
https://github.com/0xdea/rhabdomancer

#Haruspex - Vulnerability research assistant that extracts pseudo-code from the IDA Hex-Rays decompiler.
https://github.com/0xdea/haruspex

#Augur - Reverse engineering assistant that extracts strings and related pseudo-code from a binary file.
https://github.com/0xdea/augur

For additional details:
https://security.humanativaspa.it/streamlining-vulnerability-research-with-ida-pro-and-rust/

Entertaining and inspiring #pwn2own #xdev writeup 👏 (also from ...

2025-08-30T10:47:36Z

Entertaining and inspiring #pwn2own #xdev writeup 👏 (also from a few months back)

#Lorex 2K Indoor Wi-Fi Security Camera: RCE #Exploit Chain

https://github.com/sfewer-r7/LorexExploit

https://www.rapid7.com/globalassets/_pdfs/research/pwn2own-iot-2024-lorex-2k-indoor-wi-fi-security-camera-research.pdf

Eight years later, I’ve updated my most-starred ...

2025-08-28T13:09:54Z

Eight years later, I’ve updated my most-starred Github (npub1545…mva5) repository with some new Frida (npub1ne9…0uhz) scripts, inspired by spaceraccoon | Eugene Lim (npub1xwz…c2zl)'s new book “From Day Zero to Zero Day”.

Check it out: https://github.com/0xdea/frida-scripts/

I had missed this #linux #kernel discussion about #pathtraversal ...

2025-08-28T09:04:56Z

I had missed this #linux #kernel discussion about #pathtraversal #vulnerabilities

[RFC] Add a prctl to disable ".." traversal in path resolution

https://lore.kernel.org/linux-fsdevel/20241211142929.247692-1-mjg59@srcf.ucam.org/T/#u

How it was to scan the whole Internet in 1998. Don’t skim over ...

2025-08-27T06:11:53Z

How it was to scan the whole Internet in 1998. Don’t skim over week 3, when an actual APT shows up 🍿

The #Internet #Auditing Project (beta 1)

https://www.focb.co.nz/audit/

I finally brought myself to read this essay ...

2025-08-27T05:48:54Z

I finally brought myself to read this essay

https://www.structuredprocrastination.com

This is great news 🤩 I guess it’s about time to start ...

2025-08-26T06:37:45Z

This is great news 🤩 I guess it’s about time to start learning CodeQL seriously

#CodeQL can be enabled at scale on C/C++ repositories in public preview using build-free #scanning

https://github.blog/changelog/2025-06-03-codeql-can-be-enabled-at-scale-on-c-c-repositories-in-public-preview-using-build-free-scanning/

“Humans are hackers. We were put here to figure things out. ...

2025-08-19T06:25:26Z

“Humans are hackers. We were put here to figure things out. Hacking is an innate skill to be tapped into and developed. The hacker spirit guides us through situations once thought hopeless. Hacking is a way to answer your own burning questions, a way to discover your own potential, and a way to create a world you want to live in.

There is a hacker born every day. It's our duty to share things that can inform them of the past and present, and give them hope for a better tomorrow. After all, we're all alike.”

❤️❤️❤️❤️❤️❤️❤️❤️

#Phrack72 40th anniversary edition is out!

https://phrack.org

A fascinating story about a #DoS #vulnerability in the Expat #XML ...

2025-08-18T07:07:38Z

A fascinating story about a #DoS #vulnerability in the Expat #XML parser

#Recursion kills: The story behind CVE-2024-8176 / #Expat 2.7.0 released, includes security fixes

https://blog.hartwork.org/posts/expat-2-7-0-released/

Never been into the fan/celeb thing, but this is damn #inspiring ...

2025-08-16T14:50:44Z

Never been into the fan/celeb thing, but this is damn #inspiring 👏
ht Slashdot :verified: (npub18e3…kv8z)

#TIL that last month some dimwits at Ventegus Anti-Piracy GmbH ...

2025-08-10T15:46:48Z

#TIL that last month some dimwits at Ventegus Anti-Piracy GmbH (likely on behalf of Hex-Rays?) submitted a #DMCA (Copyright) Complaint to #Google to remove these two pages from search results:

https://0xdeadbeef.info/augur/augur/
https://0xdeadbeef.info/augur/src/haruspex/lib.rs.html

See for yourself:
https://lumendatabase.org/notices/54378675

Not that I care, but WTAF...

CVE-2025-48708: #ghostscript can embed plaintext #password in ...

2025-08-10T13:22:50Z

CVE-2025-48708: #ghostscript can embed plaintext #password in encrypted #PDFs 😶

https://www.openwall.com/lists/oss-security/2025/05/23/2

Another fresh #Python #tarfile #vulnerability Python ...

2025-08-09T07:52:25Z

Another fresh #Python #tarfile #vulnerability

Python TarFile.extractall(..., filter='tar') arbitrary file chmod

https://github.com/python/cpython/issues/127987

Here’s another fun one by @npub1y7r…9kzp! I’ve really ...

2025-08-08T07:21:38Z

Here’s another fun one by Snyk (npub1y7r…9kzp)! I’ve really enjoyed the clever building of the #exploit chain ✊

Abusing #Ubuntu 24.04 features for root privilege escalation

https://labs.snyk.io/resources/abusing-ubuntu-root-privilege-escalation/

I love this kind of #bugs, especially when they are features 🤣 ...

2025-08-04T09:22:25Z

I love this kind of #bugs, especially when they are features 🤣

#arm64: Linear mapping is mapped at the same static virtual address

https://project-zero.issues.chromium.org/issues/434208461

[CVE-2025-38001] #Exploiting All Google #kernelCTF Instances And ...

2025-07-13T19:21:07Z

[CVE-2025-38001] #Exploiting All Google #kernelCTF Instances And Debian 12 With A #0Day For $82k: A RBTree Family Drama (Part One: LTS & COS)

https://syst3mfailure.io/rbtree-family-drama/

#FortiWeb Pre-Auth #RCE (CVE-2025-25257) ...

2025-07-11T17:42:46Z

#FortiWeb Pre-Auth #RCE (CVE-2025-25257)

https://pwner.gg/blog/2025-07-10-fortiweb-fabric-rce

As an old fart in #xdev, I get asked often, mostly by young ...

2025-07-10T06:38:36Z

As an old fart in #xdev, I get asked often, mostly by young coworkers, how to get into binary exploitation in 2025. I looked around, and here’s my recommendation:

https://pwn.college

#pwncollege is a huge collection of free #lectures and practical #challenges maintained by a team of #hackers at the Arizona State University. Check it out!

he was the youngest researcher at zero day quest, and I was the ...

2025-07-02T18:43:02Z

In reply to nevent1q…p43l
_________________________

he was the youngest researcher at zero day quest, and I was the oldest with an exact 30 year difference 😅

#TumpiCon2025 is happening now! 💚 ...

2025-06-27T08:26:39Z

#TumpiCon2025 is happening now! 💚

This Video Can #Exploit Your #iPhone (CVE-2025-31200) ...

2025-06-11T08:32:53Z

This Video Can #Exploit Your #iPhone (CVE-2025-31200)

https://www.youtube.com/watch?v=nTO3TRBW00E

Besides the clickbaity title, this video is actually a simple and fun initial analysis of the #1day in question.

As a side note, I started watching it on a device with no #adblocker and damn, YouTube has become so annoying and utterly unusable 😠

#Hydroph0bia (CVE-2025-4275) - a trivial #SecureBoot bypass for ...

2025-06-11T05:53:28Z

#Hydroph0bia (CVE-2025-4275) - a trivial #SecureBoot bypass for UEFI-compatible firmware based on Insyde #H2O, part 1

https://coderush.me/hydroph0bia-part1/

How to store data on #paper? ...

2025-06-09T06:17:34Z

How to store data on #paper?

https://www.monperrus.net/martin/store-data-paper

“Certain 5400 RPM hard drives, for laptops and other PCs in ...

2025-05-25T09:14:39Z

“Certain 5400 RPM hard drives, for laptops and other PCs in approximately 2005 and later, allow physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video. A reported product is Seagate STDT4000100 763649053447.”

https://nvd.nist.gov/vuln/detail/CVE-2022-38392

During the weekend, I’ve been working a bit on updating my ...

2025-05-19T10:46:57Z

During the weekend, I’ve been working a bit on updating my battle-tested #semgrep ruleset for #c #vulnerability research

https://github.com/0xdea/semgrep-rules

Nothing major, just a couple of small updates. It feels good to be back doing some #security #research! Let’s see where this takes me…

for some reason, this ...

2025-05-15T06:20:45Z

In reply to nevent1q…d2ht
_________________________

for some reason, this [@slashdot](https://mastodon.cloud/@slashdot ) headline from 2000 stuck with me and when I’m sleep deprived I often think about it https://science.slashdot.org/story/00/02/11/0648213/sleep-deprivation-increases-brain-activity

reminds me a bit of GPS navigators TBH

2025-05-14T11:37:43Z

In reply to nevent1q…a64g
_________________________

reminds me a bit of GPS navigators TBH

or maybe, even better, of #Troma’s “Surf Nazis Must Die” ...

2025-05-08T13:03:11Z

In reply to nevent1q…370j
_________________________

or maybe, even better, of #Troma’s “Surf Nazis Must Die” https://en.wikipedia.org/wiki/Surf_Nazis_Must_Die

[CVE-2025-37752] Two Bytes Of Madness: Pwning The #Linux #Kernel ...

2025-05-07T04:54:41Z

[CVE-2025-37752] Two Bytes Of Madness: Pwning The #Linux #Kernel With A 0x0000 Written 262636 Bytes Out-Of-Bounds 🔥

https://syst3mfailure.io/two-bytes-of-madness/

This is a well-written, comprehensive #Rust guide for beginners ...

2025-04-19T08:35:37Z

This is a well-written, comprehensive #Rust guide for beginners that have experience with other languages

https://www.chiark.greenend.org.uk/~ianmdlvl/rust-polyglot/index.html

interesting blog too ...

2025-04-18T09:46:51Z

In reply to nevent1q…tfx6
_________________________

interesting blog too https://platformsecurity.com/blog/CVE-2025-32433-poc

Deja vu 😅 ...

2025-04-14T17:12:59Z

In reply to nevent1q…99mw
_________________________

Deja vu 😅 https://security.humanativaspa.it/multiple-vulnerabilities-in-eclipse-threadx/

unclear. Maybe not https://news.ycombinator.com/item?id=43617413

2025-04-08T08:21:28Z

In reply to nevent1q…2xkr
_________________________

unclear. Maybe not https://news.ycombinator.com/item?id=43617413

"The designer of a new system must not only be the ...

2025-03-27T14:04:40Z

"The designer of a new system must not only be the implementor and the first large-scale user; the designer should also write the first user manual. If I had not participated fully in all these activities, literally hundreds of improvements would never have been made, because I would never have thought of them or perceived why they were important."

-- Donald Knuth, “The Errors of TeX”

Rejoice! 🎉 My idalib-based vulnerability research tools are ...

2025-03-21T07:20:16Z

Rejoice! 🎉

My idalib-based vulnerability research tools are now fully compatible with Windows 🪟

Please test them and report any bugs 🪲

https://security.humanativaspa.it/streamlining-vulnerability-research-with-ida-pro-and-rust/

(PS. Ya like my GPT writing style? 🚀)

rotfl https://hackerone.com/reports/2293343

2025-02-26T14:03:21Z

rotfl https://hackerone.com/reports/2293343

so true

2025-02-25T17:53:23Z

In reply to nevent1q…cejf
_________________________

so true

Lesser known tricks, quirks and features of #C ...

2025-02-21T13:17:12Z

Lesser known tricks, quirks and features of #C

https://jorenar.com/blog/less-known-c

Tour of #Rust's Standard Library Traits ...

2025-01-28T20:42:47Z

Tour of #Rust's Standard Library Traits

https://github.com/pretzelhammer/rust-blog/blob/master/posts/tour-of-rusts-standard-library-traits.md

it’s not yesterday’s post, it’s an upcoming one in the near ...

2025-01-16T12:10:42Z

In reply to nevent1q…24k5
_________________________

it’s not yesterday’s post, it’s an upcoming one in the near future

my colleague wrote this, I expect it to be clean 😅

2025-01-16T11:06:50Z

In reply to nevent1q…wd2c
_________________________

my colleague wrote this, I expect it to be clean 😅

Safe #Rust AIN'T SAFE!? (cve-rs explainer) ...

2024-12-26T11:08:44Z

Safe #Rust AIN'T SAFE!? (cve-rs explainer)

https://youtu.be/vfMpIsJwpjU

2025 is just around the corner. If #LearningRust is among your ...

2024-12-26T06:54:43Z

2025 is just around the corner. If #LearningRust is among your New Year’s resolutions, I’ve got you.

Following my ongoing #Rust series on the HN Security (npub1fnd…8ya4) blog (https://security.humanativaspa.it/tag/rust/) and adding something along the way, in the next days I’ll recommend the learning resources that worked for me.

Stay tuned!

Announcing #CodeQL Community Packs ...

2024-12-24T05:51:07Z

Announcing #CodeQL Community Packs

https://github.blog/security/vulnerability-research/announcing-codeql-community-packs/

Oasis Security Research Team Discovers Microsoft #Azure #MFA ...

2024-12-14T07:46:34Z

Oasis Security Research Team Discovers Microsoft #Azure #MFA Bypass

https://oasis.security/resources/blog/oasis-security-research-team-discovers-microsoft-azure-mfa-bypass

Pointers Are Complicated, or: What's in a Byte? ...

2024-12-08T15:25:28Z

Pointers Are Complicated, or: What's in a Byte?
https://www.ralfj.de/blog/2018/07/24/pointers-and-bytes.html

Pointers Are Complicated II, or: We need better language specs
https://www.ralfj.de/blog/2020/12/14/provenance.html

Pointers Are Complicated III, or: Pointer-integer casts exposed
https://www.ralfj.de/blog/2022/04/11/provenance-exposed.html

Breaking the most popular #Web Application Firewalls (#waf) in ...

2024-12-06T16:00:26Z

Breaking the most popular #Web Application Firewalls (#waf) in the market

https://nzt-48.org/breaking-the-most-popular-wafs

done! https://bsky.app/profile/raptor.infosec.exchange.ap.brid.gy

2024-11-16T18:25:29Z

In reply to nevent1q…m8es
_________________________

done! https://bsky.app/profile/raptor.infosec.exchange.ap.brid.gy

funny that you mention keycloak on the very same day that we ...

2024-10-30T14:16:37Z

In reply to nevent1q…ypjn
_________________________

funny that you mention keycloak on the very same day that we chose to disclose some vulnerabilities in it 🤷‍♂️ https://security.humanativaspa.it/an-analysis-of-the-keycloak-authentication-system/

Super useful diagram that explains all available transformations ...

2024-10-26T08:17:51Z

Super useful diagram that explains all available transformations between Result and Option standard #Rust types and their interactions.

Source: https://docs.google.com/drawings/d/1EOPs0YTONo_FygWbuJGPfikO9Myt5HwtiFUHRuE1JVM/edit

Got some #MSRC #swag 😂 ...

2024-10-24T11:20:49Z

Got some #MSRC #swag 😂

yes! And it’s quite convenient to use, e.g. ...

2024-10-12T10:43:05Z

In reply to nevent1q…6smw
_________________________

yes! And it’s quite convenient to use, e.g. https://security.humanativaspa.it/big-update-to-my-semgrep-c-cpp-ruleset/

A step-by-step guide to writing an #iOS #kernel #exploit -< ...

2024-10-10T14:58:55Z

A step-by-step guide to writing an #iOS #kernel #exploit -< short and to the point!

// by [@alfiecg_dev](https://bird.makeup/users/alfiecg_dev )

https://alfiecg.uk/2024/09/24/Kernel-exploit.html
https://github.com/alfiecg24/Vertex

#Hacking is not just #OldSchool tooling and techniques. Modern ...

2024-10-04T06:37:39Z

#Hacking is not just #OldSchool tooling and techniques. Modern #MobileApps are a fun target for #ReverseEngineers and #Pentesters alike. A fundamental tool to properly hack mobile apps is npub1ufe9jqagzytvuzkge3ur0jd3wv8azmcvvg5772jg8rkghgqw0qwqtcm7ps (npub1ufe…m7ps) by [@oleavr](https://fosstodon.org/@oleavr ).

We continue our tour of my [@github](https://infosec.exchange/@github ) projects with my humble contributions to this field:
https://github.com/0xdea/frida-scripts

For a well-maintained project that includes some of my #Frida scripts, check out #Brida by [@apps3c](https://infosec.exchange/@apps3c ) and Piergiovanni Cipolloni:
https://github.com/federicodotta/Brida

And even after many years, if you search for well-crafted Frida scripts to bypass certificate pinning or root detection, there’s a very good chance that you’ll stumble upon the work of some of my colleagues… Very proud of my team at [@hnsec](https://infosec.exchange/@hnsec )!

#patchfriday on #cups #vulnerabilities ...

2024-09-29T12:19:33Z

#patchfriday on #cups #vulnerabilities

https://patchfriday.com/158/

Continuing the tour of my @npub1545…mva5 projects, the ...

2024-09-20T07:17:52Z

Continuing the tour of my Github (npub1545…mva5) projects, the #TacticalExploitation toolkit deserves to be mentioned. It's now a bit old, but I believe the concept still applies, and very much so.

https://github.com/0xdea/tactical-exploitation

"The Other Way to Pen-Test" -- HD Moore (npub18pc…787r) & Valsmith (npub14pv…jqkx)

I've always been a big proponent of a tactical approach to #PenetrationTesting that doesn't focus on exploiting known software #vulnerabilities, but relies on #OldSchool techniques such as #InformationGathering and #BruteForce. While being able to appreciate the occasional usefulness of a well-timed 0day, as a veteran penetration tester I favor an exploit-less approach. Tactical exploitation provides a smoother and more reliable way of compromising targets by leveraging process vulnerabilities, while minimizing attack detection and other undesired side effects.

Since a few years, I've meant to give a talk on this very subject, with the working title of "Empty Phist Style - Hacking Without Tooling" (inspired by the grugq (npub18ym…460u)). Sooner or later it will happen.

makes sense!

2024-09-17T08:19:18Z

In reply to nevent1q…hnpt
_________________________

makes sense!

Not a fan of the #AI hype at all, but @npub1nnw…ytvc #RustRover ...

2024-09-17T07:42:28Z

Not a fan of the #AI hype at all, but JetBrains (npub1nnw…ytvc) #RustRover new full line code completion feature is impressive

https://blog.jetbrains.com/blog/2024/04/04/full-line-code-completion-in-jetbrains-ides-all-you-need-to-know/

I'd like to share some of my projects that are hosted on ...

2024-09-17T07:26:01Z

I'd like to share some of my projects that are hosted on Github (npub1545…mva5). Let's start with my public #exploits that span more than two decades of #pwning.

https://github.com/0xdea/exploits

"You can't argue with a root shell." -- Felix "FX" Lindner

Probably the most known is raptor_udf.c that targets #MySQL (those of you who solved the OffSec (npub1n4p…t7gf) #OSCP training labs should recognize it).

My favorite is still raptor_rlogin.c, a glorious #Solaris #RCE from the early 2000s. Take your pick!

I finally got my copy of #Phrack71! Impressive work by the new ...

2024-09-09T07:05:10Z

I finally got my copy of #Phrack71!

Impressive work by the new Phrack (npub1am3…j6qn) staff 💚

Come for the #OffensiveRust content, stay for the #ThrashMetal ...

2024-09-03T07:08:45Z

Come for the #OffensiveRust content, stay for the #ThrashMetal revival 🎸 https://infosec.exchange/@hnsec/113072354880406361

what is the source?

2024-08-28T19:13:58Z

In reply to nevent1q…0p74
_________________________

what is the source?

#patchfriday https://patchfriday.com/157/ ...

2024-08-26T05:12:57Z

#patchfriday

https://patchfriday.com/157/

So cool to see my vulnerability research automation work ...

2024-08-12T05:58:08Z

So cool to see my vulnerability research automation work integrated into such a powerful tool! Keep it up ✊
https://infosec.exchange/@securefirmware/112937856513629704

"Sometimes, hacking is just someone spending more time on ...

2022-11-22T16:33:09Z

"Sometimes, hacking is just someone spending more time on something than anyone else might reasonably expect.”

— Jerry Gamblin