Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 00867b00

____strtol_l_internal

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F00867b00.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F00867b00.json&colors=light

@Sempf Oh OK, the TCP-level DDoS protection is obviously secret sauce, so you'll end up in trial&error. My educated guess is that if you are not too aggressive with timings and do proper TCP handshakes (-sT IIRC) you should be fine, and if something triggers than suddenly all your connections will fail so -vvv and keep an eye on logs.

@Sempf why on earth would you nmap a cdn? you won't see the origin ports, and even at the application layer you'd only see the proxy. there may be some L7 proxy trickery or even some TCP level magic that works, but nmap is not the right tool to test those.

RE: https://infosec.exchange/@BleepingComputer/115367382398075001

Another one??

A new breed of analyzers.

And they use AI.

https://daniel.haxx.se/blog/2025/10/10/a-new-breed-of-analyzers/

Frida 17.4 introduces Simmy, a new backend for Apple’s Simulators on macOS.

Spawn, attach, and instrument apps — just like on a real device. #ios #reverseengineering

If you're curious, here are 158 of Joshua's reported issues on #curl to give you an idea what we talk about.

We have manually gone trough them all and dismissed or addressed them. None of them has been deemed a security problem. Not all the PRs for the valid problems have been merged yet.

https://gist.github.com/bagder/d1fff7f0471fbbe71354048a282e098e

It took four years, but now there is spec for lock files https://snarky.ca/why-it-took-4-years-to-get-a-lock-files-specification/

[RSS] In-depth analysis and deobfuscation of Zelix KlassMaster's flow obfuscation

https://github.com/LvStrnggg/zkm-flow

[RSS] Hacking the Nokia Beacon 1 Router: UART, Command Injection, and Password Generation with Qiling

https://spaceraccoon.dev/nokia-beacon-router-uart-command-injection/

Sent from Los Gatos, California, U.S.A. on July 16, 1995. https://postcardware.net/?id=36-67

@foolishowl @danirabbit do you have an idea why they won't use Signal? It's free and easy, but I got similar responses about installing it before, never knew why.

Trend Micro's ZDI has reported 13 vulnerabilities in the Ivanti Endpoint Manager that are still unpatched after the vendor requested an extension until March next year

https://www.zerodayinitiative.com/advisories/published/

INTERVIEW of "MB" WhereWarlocksStayUpLate:

https://wherewarlocksstayuplate.com/interview/mohammed-bagha/

You have inspired many. We are fans:⚡️🌊🎠

https://wherewarlocksstayuplate.com/interview/mohammed-bagha/

Learn Turbo Pascal - a video series originally released on VHS

https://www.youtube.com/watch?v=UOtonwG3DXM

#pascal #turbopascal #retrocomputing

The IBM System/360 machine instructions reference card #s360 #assembly #mainframe https://archive.computerhistory.org/resources/access/text/2010/05/102678081-05-01-acc.pdf

@jautero This reminds me that the Sun isn't very hot, there's just lots of it[1] :)

I think this is a reasonable stance. What I do find unreasonable are design choices that (sorry, example again) make people shovel down megabytes of code into a client-side VM to display black on white text. I don't think this would cross anyones mind 20y ago, and not only because perf constraints. But our thinking changed at some point.

[1] https://www.youtube.com/watch?v=6tu0mIpX8nU

@jautero I qouted an example and there are others in the post. Also, not even considering performance, have you ever used MS Teams and thought "hmm, that's some fine piece of software"?

Yes we are all normal here in HUMANSVILLE. We are all HUMANS of course. No need to check.

The Debugging Book

Interactive guide exploring automated debugging, testing, and program repair with Python examples for researchers and developers.

https://www.debuggingbook.org/

#Fuzzing #Testing