From arbitrary pointer dereference to arbitrary read/write in latest Windows 11
https://security.humanativaspa.it/from-arbitrary-pointer-dereference-to-arbitrary-read-write-in-latest-windows-11/
HN Security
In the last part of this Windows kernel exploitation series, we successfully exploited an arbitrary pointer dereference, bypassing SMEP and […]
Next.js, cache, and chains: the stale elixir
https://zhero-web-sec.github.io/research-and-things/nextjs-cache-and-chains-the-stale-elixir
A sandbox environment designed specifically for malware development and payload testing.
https://github.com/BlackSnufkin/LitterBox
GitHub
A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabil...
AFLNet Five Years Later: On Coverage-Guided Protocol Fuzzing
https://mpi-softsec.github.io/papers/TSE25-aflnet.pdf
Process Hollowing on Windows 11 24H2
https://hshrzd.wordpress.com/2025/01/27/process-hollowing-on-windows-11-24h2/
hasherezade's 1001 nights
Process Hollowing (a.k.a. RunPE) is probably the oldest and the most popular process impersonation technique (it allows running a malicious executable under the cover of a benign process). It is us…
A good overview
ATTACKERS ADOPT EXOTIC PROGRAMMING LANGUAGES
https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-old-dogs-new-tricks.pdf
Safeguarding Code Against Reverse Engineering
https://www.youtube.com/watch?v=Ie1eZSiMEJ8
https://github.com/emproof-com/webinars/tree/main/2025-01-software_protection
Lifting Binaries, Part 0: Devirtualizing VMProtect and Themida: It's Just Flattening?
https://nac-l.github.io/2025/01/25/lifting_0.html
Naci’s blog
Reverse-engineering and analysis of SanDisk High Endurance microSDXC card
https://ripitapart.com/2020/07/16/reverse-engineering-and-analysis-of-sandisk-high-endurance-microsdxc-card/
Rip It Apart - Jason's electronics blog-thingy
As seen on Hackaday! TL;DR – The SanDisk High Endurance cards use SanDisk/Toshiba 3D TLC Flash. It took way, way more work than it should have to figure this out (thanks for nothing, SanDisk!…
When you've been debugging for 8 hours