Intro When analyzing the security of mobile applications, it’s important to verify that all data is stored securely (See OWASP MASVS-STORAGE-1). A recent engagement involved a Flutter app tha…

Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. - eversinc33/Banshee

Jeremy Blackthorne goes over the major features of Ghidra in his highly interactive 2 hour workshop Reversing with Ghidra.

GitHub Gist: instantly share code, notes, and snippets.

Android 14 kernel exploit for Pixel7/8 Pro. Contribute to 0x36/Pixel_GPU_Exploit development by creating an account on GitHub.

Join me with my guest Duncan Ogilvie, developer of x64dbg, as he shows us around the tool and shares some Windows debugging techniques. x64dbg is the only actively maintained userland debugger outside of WinDbg, and aims to be much more intuitive and easy…

Native code virtualizer for x64 binaries. Contribute to snowsnowsnows/EagleVM development by creating an account on GitHub.

Flutter is a cross-platform application development platform. With the same codebase, developers write and compile native applications for Android,...

Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).

Fuzzing IoT Devices Using the Router TL-WR902AC as Example - otsmr/blackbox-fuzzing

In this blogpost, I want to explain two topics from a theoretical and practical point of view: How to fuzz windows binaries with source code available (this part is for developers) and How to deal with big input files (aka heatmap fuzzing) and crash analysis…

Ever wondered how compiler mitigations are built? Or how a sophisticated build chain attack can target a compiler to place backdoors and other miscreants? Wonder no more, this talk shows you how to build your own compiler pass, and modify any source code…

TP-Link's TDDP programs fail to properly verify data length during parsing, leading to memory structure destruction and denial of service.

Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies - naksyn/Embedder

This second article describes how to convert a Silo into a Server Silo in order to create a Windows Container. In addition, it dives into certain Kernel side Silo mechanisms.

In Part 4, we focus on the PE+ file format's entry points, specifically the AddressOfEntryPoint and TLS callbacks. The video covers how to find the AddressOfEntryPoint, its role, and entry points' precedence. It also explains locating the IMAGE_TLS_DIRECTORY…

Diving into how PCIe devices transfer data (Part 2 of the series)