Posts
3756
Following
723
Followers
1596
"I'm interested in all kinds of astronomy."
buherator
repeated
ITOmarHernandez@tabletop.social

IT Omar 😷 🔜 PaxU

Edited 2 years ago

This is someting I wish I'd realized a lot sooner in life.

0
5
0
buherator
repeated
blacktop@mastodon.social

blacktop

High level diff of iOS 26.5 beta1 vs. iOS 26.5 beta1 (v2) 🎉

https://github.com/blacktop/ipsw-diffs/blob/main/26_5_23F5043g__vs_26_5_23F5043k/README.md

0
1
0
buherator

buherator

Reply to @nixCraft@mastodon.social
@nixCraft I'm on this picture and don't like it
0
2
3
buherator
repeated
nixCraft@mastodon.social

nixCraft 🐧

😂 credit https://ashermaxperlman.com/#cartoons

2
4
0
buherator
repeated
timb_machine@infosec.exchange

Tim (Wadhwa-)Brown donor

Interesting Git repos of the week:

Threats:

* https://github.com/haxrob/BPFDoor-controller-source - yay, BPFDoor source

Detection:

* https://github.com/davidjurgens/hallucinated-reference-finder - how many of those references are horseshit?
* https://github.com/Cybereason-Public/owLSM - kernel based Sigma rules powered by eBPF

Exploitation:

* https://github.com/zh54321/SharePointDumper - dump SharePoint
* https://github.com/Byxs20/Krb5RoastParser - have PCAPs, can cookie
* https://github.com/shellkraft/Anvil - analyse thick clients
* https://github.com/bethgelab/foolbox - mislead that neural network
* https://github.com/Oros42/IMSI-catcher - build your own IMSI catcher
* https://github.com/pullmoll/trusttrust - sample code for Reflections on trusting trust
* https://github.com/ZephrFish/BugBountyTemplates - bug bounty templates
* https://github.com/JoasASantos/Offensivesecurity-Checklists - helpful checklists for pen testing

Hard hacks:

* https://github.com/PentHertz/urh-ng - analyse RF protocols and abuse SDR
* https://github.com/wh1te4ever/super-tart-vphone-writeup - bulld your own virtual iPhone
* https://github.com/34306/vphone-aio - virtual iPhone images

Hardening:

* https://github.com/cisco-ai-defense/defenseclaw - watch where you're sticking that claw

, ,

0
2
0
buherator

buherator

Is your KitKat Stolen?
https://nestlecorporate.qualifioapp.com/quiz/1776864_2455/CDCG-KITKAT-STOLEN-FORM.html
0
5
4
buherator

buherator

Reply to @osxreverser@mastodon.social
@osxreverser have you read this classic? https://www.direkt36.hu/en/megszolal-a-nyomozo-aki-belulrol-ismeri-a-tisza-elleni-muvelet-ugyet/
0
0
0
buherator

buherator

Reply to @osxreverser@mastodon.social
@osxreverser I bet most ppl around here don't know who the guy is in the first place. Local politics are so polarized the visit won't change a thing anyway.
1
0
0
buherator
repeated
bolt451.bsky.social@bsky.brid.gy

Frey has a free writing Patreon

This quote from Apollo 14 astronaut Edgar Mitchell has been in my head the last few days

0
5
0
buherator
repeated
imperio@toot.cat

Guillaume Gomez

docs.rs builds are about to change. If you have crates published on crates.io/docs.rs, I recommend you read this blog post in case you might be impacted by this change: https://blog.rust-lang.org/2026/04/04/docsrs-only-default-targets/

0
4
0
buherator
repeated
nash@labyrinth.social

nash

you ever write code so inefficient they have to update the whole power grid

5
18
0
buherator
repeated
algernon@come-from.mad-scientist.club

political campaign enjoyer

My Dad sends me horrible Dad jokes all the time, but sometimes he tells one that hits hard. This is one of those times.

"My favourite time of the year is campaign time. It's the only time I see politicans hang from trees."

1
3
1
buherator
repeated
quarkslab@infosec.exchange

quarkslab

Tired of reversing the same libc for the 100th time? 👀

Meet SightHouse, our open-source tool that automatically detects third-party library functions in binaries.
High-confidence function mapping. Works with any disassembler. By @Mad5quirrel & Sami.

🔗 https://blog.quarkslab.com/sighthouse-automated-function-identification.html

0
4
0
buherator
repeated
itm4n@infosec.exchange

Clément Labro

🆕 New blog post!

"BitLocker's Little Secrets: The Undocumented FVE API"

A small Windows RE adventure to figure out how to get the status and configuration of a BitLocker protected drive programmatically and without admin privileges.

Now also implemented in PrivescCheck! 🔥

👉 https://itm4n.github.io/bitlocker-little-secrets-the-undocumented-fve-api/

1
7
0
buherator
repeated
campuscodi@mastodon.social

Catalin Cimpanu

Node.js pauses bug bounty program after a funding lapse

They were sponsored by IBB, a program funded by Microsoft, Meta, Adobe, and a bunch of other tech giants

Unclear what happened there

https://nodejs.org/en/blog/announcements/discontinuing-security-bug-bounties

0
3
0
buherator

buherator

Reply to @wdormann@infosec.exchange
@wdormann similar experience when using itunes for the first and the last time: importing a disk is nowhere to be found in the menu. The only way to do that is drag&drop. Like, how am I supposed to figure that out?
0
0
2
buherator
repeated
p0bot

Project Zero Bot

New Project Zero issue:

vpu driver allocation and free of dmabuf and iova can race causing UAF read

https://project-zero.issues.chromium.org/issues/465824679

CVE-2026-0121
0
1
0
buherator

buherator

[RSS] Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices

https://www.evilsocket.net/2026/04/02/Mongoose-Preauth-Remote-Code-Execution-and-mTLS-Bypass/
0
4
2
buherator

buherator

[RSS] Review of AzireVPN and Malwarebytes Privacy VPN

https://x41-dsec.de/security/research/news/2026/04/02/malwarebytes/
0
2
2
buherator
repeated
simplenomad@rigor-mortis.nmrc.org

Simple Nomad

Edited yesterday

Here's a fun post for pro- and anti-AI infosec people alike - guess who is going to have to "fix" AI? If you're thinking "not me" well, think again.

https://www.markloveless.net/blog/2026/4/2/the-uncomfortable-effects-of-ai

0
4
0
Show older
About infosec.place

Terms of Service

This is a placeholder, overwrite this by putting a file at 

$STATIC_DIR/static/terms-of-service.html

See the Static Directory docs for more info.