Harnessing 101: A Beginner's Guide to Fuzzing Harnesses
https://gabe-sherman.github.io/2025-09-17-beginning_harnessing/
https://gabe-sherman.github.io/2025-09-17-beginning_harnessing/
Gabriel Sherman
Harnessing 101: A Beginner's Guide to Fuzzing Harnesses | Gabriel Sherman
As a newcomer to the computer security world working on my first paper, No Harness, No Problem: Oracle-guided Harnessing for Auto-generating C API Fuzzing Harnesses, I inevitably spent countless hours studying, building, and running fuzzing harnesses. This…
Order of Six Angles
готовлю доклад для 2600 на тему использования AI для malware analysis/vuln research (в частности MCP серверов) 😀
Дорабатываю доклад про анализ малвари, с помощью LLM, а конкретно IDA MCP server, и презентую обновленный доклад на Sysconf (4 октября, Алматы). Стал использовать Cursor, вместо Cline. В режиме Auto, как я понял, он сам выбирает подходящую модель (gemini, claude, gpt). Попробовал анализировать Rust бинарники, очень хороший результат. В них например трудно найти реальную Main функцию, LLM с этим справилась. Также проверил может ли Cursor строить call graph, результат на скрине. Промпт:
Также LLM помогают мне деобфусцировать код (как на скрине 2), обфусцированный с помощью Control flow flattening
построй граф вызова функции sub_140F05ED0, укажи ее Callers. Также укажи Calee каждой функции и нарисуй диаграмму в формате Mermaid
Также LLM помогают мне деобфусцировать код (как на скрине 2), обфусцированный с помощью Control flow flattening
Order of Six Angles
Дорабатываю доклад про анализ малвари, с помощью LLM, а конкретно IDA MCP server, и презентую обновленный доклад на Sysconf (4 октября, Алматы). Стал использовать Cursor, вместо Cline. В режиме Auto, как я понял, он сам выбирает подходящую модель (gemini,…
Деобфусцированный вариант большой control flow flattened функции
How Does the iOS Kernel Copy Memory? (Virtual Memory Internals)
https://www.youtube.com/watch?v=0hxUEaDp1AA
https://www.youtube.com/watch?v=0hxUEaDp1AA
YouTube
How Does the Kernel Copy Memory so Quickly?
Are you a security researcher or reverse engineer?
For 50% off IDA Products use promo code BILLY50, https://hex-rays.com/pricing *
For 30% off IDA Training use promo code BILLY30, https://hex-rays.com/training **
*License discounts are only valid for individuals…
For 50% off IDA Products use promo code BILLY50, https://hex-rays.com/pricing *
For 30% off IDA Training use promo code BILLY30, https://hex-rays.com/training **
*License discounts are only valid for individuals…
Order of Six Angles
Дорабатываю доклад про анализ малвари, с помощью LLM, а конкретно IDA MCP server, и презентую обновленный доклад на Sysconf (4 октября, Алматы). Стал использовать Cursor, вместо Cline. В режиме Auto, как я понял, он сам выбирает подходящую модель (gemini,…
С помощью IDA MCP можно даже дебажить
RIFT is an open-source tool consisting of a set of IDA Pro (supporting versions >=9.0) plugins and Python scripts that aim to assist reverse engineers and other software analysts in annotating library code in Rust malware.
https://github.com/microsoft/RIFT
https://github.com/microsoft/RIFT
GitHub
GitHub - microsoft/RIFT: Rust Library Recognition Project for Rust Malware by the MSTIC-MIRAGE Team
Rust Library Recognition Project for Rust Malware by the MSTIC-MIRAGE Team - microsoft/RIFT
An in-depth exploration of the Qualcomm KGSL Faults Subsystem, including patch analysis and vulnerability insights for CVE-2024-38399.
https://streypaws.github.io/posts/Fast-and-Faulty-A-Use-After-Free-in-KGSL-Fault-Handling/
https://streypaws.github.io/posts/Fast-and-Faulty-A-Use-After-Free-in-KGSL-Fault-Handling/
StreyPaws
Fast & Faulty - A Use After Free in KGSL Fault Handling
An in-depth exploration of the Qualcomm KGSL Faults Subsystem, including patch analysis and vulnerability insights for CVE-2024-38399.
This repository contains slides and hands-on materials for Emproof's workshop on firmware reverse engineering, presented at ScapyCon Automotive 2025. The workshop targets a technical audience with minimal security experience and teaches the fundamentals through practical, self-contained tasks.
https://github.com/emproof-com/workshop_firmware_reverse_engineering
https://github.com/emproof-com/workshop_firmware_reverse_engineering
GitHub
GitHub - emproof-com/workshop_firmware_reverse_engineering: Workshop on firmware reverse engineering
Workshop on firmware reverse engineering. Contribute to emproof-com/workshop_firmware_reverse_engineering development by creating an account on GitHub.
101 Chrome Exploitation — Part 1: Architecture
https://opzero.ru/en/press/101-chrome-exploitation-part-1-architecture/
https://opzero.ru/en/press/101-chrome-exploitation-part-1-architecture/
Operation Zero EN
101 Chrome Exploitation — Part 1: Architecture - Operation Zero EN
Modern web browsers have evolved from simple document viewers into sophisticated platforms capable of running complex web applications. At the heart of this transformation lies a carefully orchestrated architecture built around three fundamental components:…
Analysing a 1-day Vulnerability in the Linux Kernel's TLS Subsystem
https://faith2dxy.xyz/2025-10-02/kCTF-TLS-nday-analysis/
https://faith2dxy.xyz/2025-10-02/kCTF-TLS-nday-analysis/
faith2dxy.xyz
Analysing a 1-day Vulnerability in the Linux Kernel's TLS Subsystem
I recently decided to start doing some Linux kernel security research in my free time, with the goal of creating one of my own submissions in Google's kernelCTF…
"The Evolution of macOS Security from the Desert to the Lake" слайды
https://theevilbit.github.io/talks_workshops/2025/MacSysAdmin2025-Csaba-Fitzl-Evolution-of-macOS-Security.pdf
https://theevilbit.github.io/talks_workshops/2025/MacSysAdmin2025-Csaba-Fitzl-Evolution-of-macOS-Security.pdf
ANALYZING WINPMEM DRIVER VULNERABILITIES
https://static.ernw.de/whitepaper/ERNW_White_Paper_73-Analyzing_WinpMem_Driver_Vulnerabilities_1.0_signed.pdf
https://static.ernw.de/whitepaper/ERNW_White_Paper_73-Analyzing_WinpMem_Driver_Vulnerabilities_1.0_signed.pdf
BYOVD to the next level (part 2) — rootkit like it's 2025
https://blog.quarkslab.com/exploiting-lenovo-driver-cve-2025-8061_part2.html
https://blog.quarkslab.com/exploiting-lenovo-driver-cve-2025-8061_part2.html
Quarkslab
BYOVD to the next level (part 2) — rootkit like it's 2025 - Quarkslab's blog
Bring Your Own Vulnerable Driver (BYOVD) is a well-known post-exploitation technique used by adversaries. This blog post is part of a series. In part one we saw how to abuse a vulnerable driver to gain access to Ring-0 capabilities. In this second and final…
The Emulator's Gambit: Executing Code from Non-Executable Memory
https://redops.at/en/blog/the-emulators-gambit-executing-code-from-non-executable-memory
https://redops.at/en/blog/the-emulators-gambit-executing-code-from-non-executable-memory
RedOps - English
The Emulator's Gambit: Executing Code from Non-Executable Memory - RedOps
Recon 2025 - Breaking Obfuscated .NET Malware with Profiler Based Dynamic Binary Instrumentation
https://www.youtube.com/watch?v=jPDJ_Zo6jiY
https://www.youtube.com/watch?v=jPDJ_Zo6jiY
YouTube
Recon 2025 - Breaking Obfuscated .NET Malware with Profiler Based Dynamic Binary Instrumentation
Recon 2025 - Breaking Obfuscated .NET Malware with Profiler Based Dynamic Binary Instrumentation
Presenters: Lars Wallenborn, Tillmann Werner, Sebastian Walla, Steffen Haas
As malware authors increasingly adopt .NET for its ease of development and stability…
Presenters: Lars Wallenborn, Tillmann Werner, Sebastian Walla, Steffen Haas
As malware authors increasingly adopt .NET for its ease of development and stability…