infosec.place

buherator

@buherator

Posts

3025

Following

700

Followers

1549

"I'm interested in all kinds of astronomy."

Personal

https://scrapco.de

GitHub

https://github.com/v-p-b

Nudes

https://infosex.exchange

buherator

1 month ago

https://apnews.com/article/japan-softbank-son-nvidia-ai-chips-d8a10172850628c317a214280a4d94c9

buherator

1 month ago

This article highlights how much control endpoint security vendors have over customer machines, and transitively over companies and maybe even nations:

https://www.huntress.com/blog/rare-look-inside-attacker-operation

You only install this stuff, because you trust the vendor (and their government, etc.). Or not, see Kaspersky vs. US.

#AntiVirus #EDR #HackBack

buherator

1 month ago

/me after a chill Sunday with #IDAPython

I'm now basically doing this out of spite.

buherator

1 month ago

I'm old enough to remember years ago comrades predicting the inevitable fall of software and services which work just fine today.

buherator

1 month ago

Reply to @freddy@security.plumbing

@freddy The Machine Spirit only accepts such an invocation if you first offer the sacrifice of debugging.

buherator

2 months ago

As a result of working on r4ghidra I set the ambitious goal to create REshare, an exchange format for #ReverseEngineering tools:

https://github.com/v-p-b/reshare/

The code is still in its early days (literally) but the fact that it works with complex, real life binaries tells me that this goal is worth pursuing.

I'm looking for contributors, esp. for #BinaryNinja, #IDA and #radare2 scripting so we can bring all these worlds together!

buherator

2 months ago

My talk about integrating #ReverseEngineering tools is to be broadcasted in a couple of hours for #r2con2025:

https://rada.re/con/2025/

I'll release a ton of code and will be around on Discord for questions and comments.

buherator

2 months ago

Thanks to @disasmwinnie now you'll lose a bit less hair when testing Oracle Forms:

https://github.com/silentsignal/oracle_forms/pull/3#issuecomment-3434380477

#pentesting

buherator

3 months ago

This website just made my day, what a beauty! 😍

https://undocumented.ntinternals.net/

buherator

3 months ago

Reply to @algernon@come-from.mad-scientist.club

@algernon @tauon

buherator

3 months ago

/me trying hard not to antropomorphise the LLM

buherator

3 months ago

Reply to @gsuberland@chaos.social

@gsuberland

buherator

4 months ago

Reply to @tmr232@mastodon.social

@tmr232

buherator

4 months ago

Reply to @tychotithonus@infosec.exchange

@tychotithonus

buherator

4 months ago

I combined DEVCORE's CVE-2024-35250 with the CVE-2024-30084 double fetch bug and the Cloud Filter memory trap technique by @tiraniddo to achieve reliable LPE without device requirements on Win10 VMs.

https://scrapco.de/blog/its-a-trap-reliable-exploitation-of-cve-2024-30084.html