@RoganDawes This may also be useful for Git version matching:

https://github.com/silentsignal/burp-git-version

On zero days & exploit engineering, part 1

https://www.youtube.com/watch?v=QFWPxji5egI

Video by Alisa Esage

[oss-security] Xen Security Advisory 468 v3 (CVE-2025-27462,CVE-2025-27463,CVE-2025-27464) - WinPVDrivers: Excessive permissions on user-exposed devices

https://www.openwall.com/lists/oss-security/2025/05/27/1

New Rapid7 Analysis on AttackerKB topic: CVE-2024-58136

"Yii framework is a component-based MVC web application framework, providing developers with the building blocks to create complex web applications including modules for authentication, database access, REST etc ..."

Link: https://attackerkb.com/topics/622fff34-7ccf-4193-8a78-60e6b21d8811

Defcon forums have to be RCE’d once a year, I don’t make the rules!
https://chaos.social/@christopherkunz/114579265339897261

[RSS] Windows IRQL explained

https://haxo.games/blog/10/windows-irql-explained

Fine, I made my own Markdown to HTML document generator (with Blackjack and hookers):

https://github.com/v-p-b/sugardocy

It takes a single MD file, and outputs a single, self-contained HTML file without downloading the kitchen sink.

Contributions are welcome, esp. if you have better taste and frontend skills than I do.

@chungyc @alios @troed That's what I'm trying to do rn, and I will probably get there at some point, but what I'm looking for is a complete solution.

@mcc in several ways - though not all - I would argue that documentation is the _only_ technology, in that it advances the state of the art of what is known, can be constructed, can be built upon, and can be abstracted and generalized.

Without documentation, a new invention is just a device: interesting, perhaps so much so that it sparks inspiration in someone else to understand it, but it goes little further than that until it is documented in a way intended to communicate its key insights.

@hibbittsdesign This is a great service but I'm looking for something completely offline.

@troed @singe This is also a great start:

https://jez.io/pandoc-markdown-css-theme/

@troed @singe Yes, in case of Pandoc I think a nice collection of unified styles would be great. pandoc-templates.org is a good start, but each template works differently as they are maintained by several people for several purposes.

@virtualabs Nice, thank you!

[RSS] Micropatches Released for Microsoft Management Console Security Feature Bypass Vulnerability (CVE-2025-26633)

https://blog.0patch.com/2025/05/micropatches-released-for-microsoft.html

@alios @troed I think static site generators are overkill for my use-case: I don't want to edit config files or maintain a Git repo. The optimal solution would be a command line utility that takes a style name and one .md file and outputs one HTML file, simple as that.

@singe Pandoc would be great but I'm yet to find a project that provides nice styles *and* documents how to use them with Pandoc.

I need a tool that can generate self-contained HTML pages from #Markdown with different styles.

markdown-styles looks really close, but I wonder if there are alternatives (preferably not requiring NodeJS):

https://github.com/mixu/markdown-styles

V now supports 3 more architectures:

- loongarch64
- riscv32
- s390x (IBM Z)

@b0rk Not exactly, but a privileged binary can take it granted that `ls` always executes `/bin/ls`, but runs an attacker provided executable instead (very stupid, but real example). Now this usually happens without switching a "PATH provider", but my gut feeling is that having "one central place" for PATH processing would've prevented at least some of these issues.