"depending on the context "1 in 4" also means 'Guaranteed'" - https://bird.makeup/users/gf_256/statuses/1895366648628158503

Sadly gf_256 is not near here, but this is basically the idea behind the the Probabilistic Method in mathematics :)

https://en.wikipedia.org/wiki/Probabilistic_method

The thing about computer virus detection is once you get deep enough into industry you realize programmers write everything to look like a virus that's going to break the computer.

I'd celebrate #Skype's death with champagne if it wasn't ditched for #!&% teams (yes, lowercase!)

Instead let us enjoy this 2011 presentation about Skype's anti-debug tricks:

https://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf

The end of Skype. It was pretty good until Micro$oft bought it. https://www.nytimes.com/2025/02/28/technology/microsoft-skype-shutting-down.html

I used the Mastodon client hosted at brutaldon.org to connect to infosec.exchange with the elinks browser - the UI is...not great, but I guess it's just my terminal vs the default elinks configs :D

Anyway, you can ditch your uncool, sellout browsers and experience the Fediverse truly freely!

@cR0w You don't need to spin up a server, they have a hosted instance that can connect to infosec.exchange as a client, will post a screenshot in a sec :D

@cR0w https://gitlab.com/brutaldon/brutaldon

@cR0w Took a while until I found elinks that I briefly experimented with: https://github.com/rkd77/elinks

During my search I stumbled upon browsh, that looks pretty cool: https://github.com/browsh-org/browsh (Edit: meh, it runs FF in the background...)

(Tried neither with Mastodon, just ICYMI)

@mttaggart https://github.com/mozilla/bedrock/commit/d459addab846d8144b61939b7f4310eb80c5470e#diff-a24e74e4595fa85440a2f4e7e5dcfe68aba6e1e593aef05a2d35581a91423847L60

Happy Friday! We’re hiring. Kagi is looking for a Flutter Developer, is this you?

https://kagi.peopleforce.io/careers/v/108459-flutter-developer

#FediHire #Remote #Kagi #Search #Flutter

"Running #Ghidra on the same platform as the binaries you’re analyzing isn’t just convenient — it’s strategic."
https://medium.com/@clearbluejar/everyday-ghidra-how-platform-choice-influences-ghidras-binary-analysis-76c40db0e407

@mttaggart Also, the recent git diffs...

Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75a5014fc

PopulateDynamicSectionEntries

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a5014fc.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a5014fc.json&colors=light

@cR0w Also, it's on the Change Password interface that implies post-auth, yet PR:N...

Poc exploit for CVE-2025-21333 heap-based buffer overflow https://github.com/MrAle98/CVE-2025-21333-POC

The firefox thing might actually be bad… They’re removing every mention of “we don’t sell your data” 😭 https://github.com/mozilla/bedrock/commit/d459addab846d8144b61939b7f4310eb80c5470e

[RSS] The io_uring Promotion in kernelCTF And Two Vulnerabilities Analysis

https://u1f383.github.io/linux/2025/02/28/the-io_uring-promotion-in-kernelCTF-and-two-vulnerabilities-analysis.html

In our latest blog post, we dive into the hidden gems of the Java library c3p0 and explore how it can be leveraged in different exploitation scenarios. Happy reading! 😀

https://mogwailabs.de/en/blog/2025/02/c3p0-you-little-rascal/

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 0063e070

RSA_padding_add_PKCS1_PSS_mgf1

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F0063e070.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F0063e070.json&colors=light

Why is it that every time I touch an analysis tool I find a blocker bug, but when I touch the target I actually want to analyze...

https://www.youtube.com/watch?v=4G6QDNC4jPs