OpenBSD sounding the death cry of generic memory exploitation https://www.openbsd.org/papers/csw2023.pdf
#infosec #exploitdev

📢 Don’t forget to sign up for one of our advanced hands-on #infosec trainings! The first week of #RETURN23XPLOIT is only a few days away. Our trainings offer hands-on instruction from top industry experts. In week 1, learn #Diffing, #ExploitDev, #ARM64, #ReverseEngineering, #IDAPro & more. Don't miss out!

https://ringzer0.training/

#cybersecurity #training

Binder VMA bug from projectzero just unrestricted: https://bugs.chromium.org/p/project-zero/issues/detail?id=2374
CVE-2023-20928 #binder #android #vulndev #exploitdev

Level up your #cybersecurity skills with #RETURN23XPLOIT! Our trainings offer hands-on instruction from top industry experts. In week 1, learn #Diffing, #ExploitDev, #ARM64, #ReverseEngineering, #IDAPro & more. Don't miss out!

https://ringzer0.training/

#infosec #training

RT @binaryz0ne@twitter.com

Important note to those new to this account. The course below is completely FREE. I know someone (maybe more) has ripped the videos & probably now the labs & is selling them on @udemy@twitter.com. Please do not pay for this course, it is FREE! #ExploitDev #Offsec
https://exploitation.ashemery.com/

🐦🔗: https://twitter.com/binaryz0ne/status/1610770491429486600

Just finished uploading the final set of labs that are published publicly. That's all folks for now. Hope they will be useful to someone out there!... #RE #Offsec #ExploitDev #SoftwareExploitation

https://exploitation.ashemery.com

I don't think I posted one here yet, so:

#introduction #introductions

I'm into #infosec - I've done application/bootloader/embedded #ReverseEngineering / #reversing but also know my way around #appsec and #websec and #ExploitDev :)

I like #SoftwarePreservation (keep copying those floppies and dumping all the rare media!)

I like #gameing #gaming but haven't really played anything that much recently. Historically I've enjoyed #pokemon (I have a wood carving of blaziken on my wall!) #mario #metroid #halo #fifa - I prefer using console because I prefer to work on my PC and big games take up so much disk space these days! (Not to mention I've heard about lots of invasive anti-cheat that flags just having typical reversing tools open!)

I don't like cats, I prefer #dogs :)

I like watching sports sometimes - association #football, #tennis, #snooker mainly.

I've got a style question for all of the #infosec and #ctf people out there.

When you write ROP chains, how do you arrange your code? How do you document it, and how do you make sure you can still understand it later?

I've landed on something like the attached example, where I build a stack out of named integer constants. The names are chosen based on the gadgets they represent. I then write high-level comments to try to encode the purpose of each gadget.

This is easy enough for simple linear code, but gets messy for a stack that needs to change at runtime.

What clever tricks have you come up with to make your ROP spaghetti more readable?

#documentation #exploitdev

Does anyone have an example of an exploit that sends multiple HTTP requests to two different hosts? Has that edge-case ever occurred or does every HTTP based exploit target a single host?
#exploitdev

damn, time to do some reading.
#threathunting #exploitdev #whatthefuckery

https://twitter.com/lordx64/status/1598023663328014336?s=20&t=Dem3pdkudeRcRhy7pNKODg

Ok so now with the ASCII art banner & rick roll I guess that means my proof-of-concept exploit is complete. 👉👈🥺

#ExploitDev

How should XSS exploits be printed out?
#xss #poll #websecurity #exploits #exploitdev

What tools and services do people use when #bughunting and doing #exploitdev research on #email? Not touched on this at all yet and while i have found some python libs for crafting specific MIME headers im wondering if there is anything more advanced/mature/refined than me rolling it all myself?

Also, taking recommendations for #smtp services for testing, socketlab or mailgun look good and have pretty fleshed out APIs, any others?

#ROP #ExploitDev #exploitation

Dumb Question, and I'm sure it's been asked before, but is there a repo somewhere of trivially exploitable *nix binaries for testing/demo purposes? Preferably with Makefiles that disable all of the fancy mitigations.
#appsec #exploitation #exploitdev #binaries

RT @ke_0z@twitter.com

First post in a very long while , #qiling #ctf #arm #exploitdev and
#ReverseEngineering , an ARM exploit dev challenge/write up using IDA PRO, GDB and Qiling (@qiling_io@twitter.com)

https://0z.ke/arm-qiling-ctf/

🐦🔗: https://twitter.com/ke_0z/status/1592160963561668609

In the spirit of moving away from the hellbird site and embracing other platforms, what #discord servers do the #infosec crowd enjoy? #malware and #exploitdev ones specifically, although i am sceptical one exists that i would enjoy being a part of - iv joined a few before that descended into all sorts of /chan nonsense quite quickly, sadly. #discord

Apparently #introduction posts are a thing here.

Hello! My name is Andrew. Originally from the Pacific northwest, but now reside in the midwest. I am a college professor, teaching classes in #cprogramming , #assembly , #reverseengineering , and #exploitdev .

I love playing #chess . I have two dogs. If you have any dogs, please feel free to send me pictures of them.

Be excellent to each other. ✌️

I've enjoyed writing proxy tools in #rustlang so much, I decided to try my hand at this RC4-MD4 downgrade from @tiraniddo Now just need to decrypt the session key... #redteam #offsec #exploitdev

#introduction #introductions

Given that in my absense, the instance where my old infosec-adjacent account was has shut down, let's go for this one.

I am also @slipstream - which will remain for personal stuff (although haven't logged in in years). Would log in and update it but m.s appears to be getting hammered right now!

I'm into #ReverseEngineering at heart (malware, applications, bare-metal, embedded, I've done it all at some point).

Also into #ExploitDev. Found quite a few bugs in the Windows bootloaders.

I know my way around appsec/websec, and the typical cryptography related issues. (Even found a fakesigning bug in the Windows Boot Manager, thankfully that never made its way to an actual RTM build!)

My favourite bug class is fakesigning, although I haven't done any cryptocurrency smart contract research (not sure if I ever will, even though that appears to be where the massive bug bounties are right now...)