Got my first CVE (CVE-2024-41908) during my Master's project on fuzzing. The affected product, Siemens NX, has an out-of-bounds read vulnerability (CVSS 7.8). Given the complexity and the size of the app, it was my biggest challenge so far. Details here :

RT @0vercl0k: I just pushed out wtf v0.5.5 where you can now generate full execution traces with both hypervisor backends (winhv & KVM) 🔥🔥…

RT @snyff:

RT @BreizhCTF: #BreizhCTF2024 Un CTF avant le CTF ! Les élèves s’essaient aux challenges concoctés par les étudiants du Pôle Sup de la…

RT @chompie1337: the term ethical hacker is extremely cringe and isn’t a real job

RT @HexRaysSA: Take the time to read our new #PluginFocus article. In this blog post, Arnaud Gatignol (@_anyfun) and Julien Staszewski (@_0…

RT @wmessmer: If you've ever wanted to live debug user mode Linux processes (e.g.: in WSL) from WinDbg, with 1.2402.24001.0, you can! Star…

RT @0vercl0k: There is now a programmatic way for you to record slices of execution with TTD in your own application 🔥 Check out the LiveR…

RT @Intel80x86: I'm happy to announce the release of HyperDbg v0.8! ✨🎉 In this version, we introduce a new event…

RT @0xor0ne: Exploiting a heap based overflow to achieve pre-authentication RCE in Fortinet VPN Credits @bishopfox

RT @horsicq: VMProtect Source Code (Leaked 07.12.2023)

sniff adios NtQuerySystemInformation :(

RT @yarden_shafir: Be prepared to lose your kernel pointers! Windows will soon start restricting KASLR leaks to non-admins:

RT @LiveOverflow: Web Security vs. Binary Exploitation

RT @yarden_shafir: Trying to learn security research and getting overwhelmed by all the details? I just published a guide showing my proces…

RT @0vercl0k: A few weeks ago I ported my Windows user-mode crash dump parser to Rust for another project 🦀 Go try it out and let me know…

RT @edwardzpeng: Sharing our slides for Typhooncon 2023: "Exploiting vulnerbilities in ESXi".

RT @s8n:

RT @mboehme_: Looks like there is a new snapshot-based fuzzer in town. It's also super-well documented. * * https:…

RT @standa_t: Solidify your understanding of virtualization technology and hypervisor implementations for reversing, fuzzing, tooling or yo…