Alaid TechThread – Telegram

Alaid TechThread

@offensive_thread

396 subscribers

6 photos

1 video

80 files

1.29K links

Vulnerability discovery, threat intelligence, reverse engineering, AppSec

Download Telegram

About

Blog

Apps

Platform

Alaid TechThread

396 subscribers

Alaid TechThread

GDBFuzz: Debugger-Driven Fuzzing

https://github.com/boschresearch/gdbfuzz

GitHub - boschresearch/gdbfuzz: Fuzzing Embedded Systems using Hardware Breakpoints

Fuzzing Embedded Systems using Hardware Breakpoints - boschresearch/gdbfuzz

129 views07:35

Alaid TechThread

QLORA: Efficient Finetuning of Quantized LLMs

https://arxiv.org/pdf/2305.14314.pdf

🔥1

125 views17:33

Alaid TechThread

OffensiveCon23 - Samuel Groß & Carl Smith - Advancements in JavaScript Engine Fuzzing

https://www.youtube.com/watch?v=Yd9m7e9-pG0

OffensiveCon23 - Samuel Groß & Carl Smith - Advancements in JavaScript Engine Fuzzing

https://www.offensivecon.org/speakers/2023/samuel-gross-and-carl-smith.html

111 views15:45

Alaid TechThread

OffensiveCon23 - Stacksmashing- Inside Apple’s Lightning: JTAGging the iPhone for Fuzzing and Profit

https://www.youtube.com/watch?v=-nFWcKHIUN4

OffensiveCon23 - Stacksmashing- Inside Apple’s Lightning: JTAGging the iPhone for Fuzzing and Profit

https://www.offensivecon.org/speakers/2023/ghidraninja.html

124 views15:50

Alaid TechThread

Forwarded from Т-Образование

Если вы знаете основы информационной безопасности, умеете искать уязвимости в системах и уважаете конфиденциальность — вам определенно может быть интересна эта стажировка 🔒

Три команды — AppSec, DevSecOps и Security Research — готовы взять стажеров на лето на полный рабочий день с возможностью в дальнейшем перейти в штат. Работать можно удаленно или в одном из офисов в России, Беларуси или Казахстане по договоренности с командой.

Отбор будет в два этапа: онлайн-экзамен (плюс анкета) и интервью. Подробности о командах и задачах, ссылки на материалы для подготовки, а также форма для заявки — по ссылке: https://l.tinkoff.ru/information_security2023

👍3🔥2👎1

148 views16:06

Alaid TechThread

Fine-Grained Coverage-Based Fuzzing

https://binsec.github.io/assets/publications/slides/2023-tosem.pdf

👍1

139 views09:04

Alaid TechThread

Fuzzing: The Age of Vulnerability Discovery

https://fuzzing.io/woot23.pdf

319 views16:50

Alaid TechThread

Seccomp Filters from Fuzzing

119 views21:09

Alaid TechThread

indirect syscalls for AV/EDR evasion in Go assembly

https://github.com/f1zm0/acheron

GitHub - f1zm0/acheron: indirect syscalls for AV/EDR evasion in Go assembly

indirect syscalls for AV/EDR evasion in Go assembly - f1zm0/acheron

135 views23:55

Alaid TechThread

Khaos: The Impact of Inter-procedural Code Obfuscation on Binary Diffing Techniques

122 views22:12

Alaid TechThread

maier_dominik.pdf

AUTOMATED SECURITY TESTING OF UNEXPLORED TARGETS THROUGH FEEDBACK-GUIDED FUZZING

👍2

133 views22:26

Alaid TechThread

RUST BINARY ANALYSIS, FEATURE BY FEATURE

https://research.checkpoint.com/2023/rust-binary-analysis-feature-by-feature/

Check Point Research

Rust Binary Analysis, Feature by Feature - Check Point Research

Problem Statement You attempt to analyze a binary file compiled in the Rust programming language. You open the file in your favorite disassembler. Twenty minutes later you wish you had never been born. You’ve trained yourself to think like g++ and msvc: Here’s…

158 views20:35

Alaid TechThread

HOPPER: DISTRIBUTED FUZZER

https://www.flux.utah.edu/download?uid=319

134 views06:37

Alaid TechThread

Advanced binary fuzzing using AFL++-QEMU and libprotobuf

https://airbus-seclab.github.io/AFLplusplus-blogpost/

137 viewsedited 08:50

Alaid TechThread

GraphBinMatch: Graph-based Similarity Learning for Cross-Language Binary and Source Code Matching

https://arxiv.org/pdf/2304.04658.pdf

👍1

144 views21:27

Alaid TechThread

UniASM: Binary Code Similarity Detection without Fine-tuning

https://arxiv.org/pdf/2211.01144.pdf

146 views21:29

Alaid TechThread

The art of Fuzzing: Introduction

https://bushido-sec.com/index.php/2023/06/19/the-art-of-fuzzing

Bushido Security

The art of Fuzzing: Introduction. - Bushido Security

This fuzzing introduction cover all the essentials one should know about the art of fuzzing. It explain major concept and illustrate it with and hands-on exercise the reader can follow. In conclusion some hints are given on how to hunt for bugs with fuzzing.

🔥1

181 views09:40

Alaid TechThread

Fuzzing Farm

https://ricercasecurity.blogspot.com/2023/07/fuzzing-farm-1-fuzzing-gegl-with-fuzzuf.html

https://ricercasecurity.blogspot.com/2023/07/fuzzing-farm-2-evaluating-performance.html

Fuzzing Farm #2: Evaluating Performance of Fuzzer

Author: hugeh0ge Introduction This article is Part 2 of the 4 blog posts in the Fuzzing Farm series. You can find the previous post at...

👍2

167 views18:00

Alaid TechThread

Fuzz Introspector: optimizing fuzzing workflows

https://openssf.org/blog/2023/07/20/fuzz-introspector-optimizing-fuzzing-workflows/

👍2

181 views16:43

Alaid TechThread

Introducing OSS-Fuzz insights

https://blog.deps.dev/oss-fuzz/

🔥1

195 views09:31

Alaid TechThread

Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine

https://www.anvilsecure.com/blog/compromising-garmins-sport-watches-a-deep-dive-into-garminos-and-its-monkeyc-virtual-machine.html

Compromising Garmin's Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine - Anvil Secure

I reversed the firmware of my Garmin Forerunner 245 Music back in 2022 and found a dozen or so vulnerabilities in their support for Connect IQ applications. They can be exploited…

👍2

202 views13:57