are you a programmer? do you like heavy metal? would you like to be *really upset* by a music video?

do i have something for you.

https://www.youtube.com/watch?v=yup8gIXxWDU

Tell you a secret about red team #cybersecurity work:

Almost everyone wants to pretend to be a red teamer; almost nobody had the willingness to put in the real work to become one.

Responsible Red Teaming is @thetaggartinstitute 's most enrolled course by a wide margin.

It is also the least-completed.

The course content is not more technical than any other offensive security course. Indeed, most of it is far less, instead requiring you to think about the human impact of the work. This course discusses how to operate in a safe, appropriate manner. It is not about popping shells.

Once most folks discover this, they bail.

If you want to do offensive security solely because you want to "hack stuff," you're a liability. You must understand your role in hardening defenses and working with defenders to improve operational security.

The job is not a CTF. If you can't hack that, please find another line of work.

Stop. Truncating. Hashes.

https://www.phoronix.com/news/OpenWrt-Compromised-ASU-Builds

As a service to security researcher, I added this section to #curl's hackerone page:

AI

If you have used AI in the creation of the vulnerability report, you must disclose this fact in the report and you should do so clearly. We will of course doubt all "facts" and claims in reports where an AI has been involved. You should check and double-check all facts and claims any AI told you before you pass on such reports to us. You are normally much better off avoiding AI.

https://hackerone.com/curl

0x00 - Introduction to Windows Kernel Exploitation

https://wetw0rk.github.io/posts/0x00-introduction-to-windows-kernel-exploitation/?ref=blog.exploits.club

0x01 - Killing Windows Kernel Mitigations

https://wetw0rk.github.io/posts/0x01-killing-windows-kernel-mitigations/

MmScrubMemory
The Nemesis of Virtual Machine Introspection

https://wbenny.github.io/2024/11/21/mmscrubmemory.html?ref=blog.exploits.club

Pointers Are Complicated, or: What's in a Byte?
https://www.ralfj.de/blog/2018/07/24/pointers-and-bytes.html

Pointers Are Complicated II, or: We need better language specs
https://www.ralfj.de/blog/2020/12/14/provenance.html

Pointers Are Complicated III, or: Pointer-integer casts exposed
https://www.ralfj.de/blog/2022/04/11/provenance-exposed.html

Why are some people obsessed about reading the right way?

“You’re wasting your time if you’re not reading the classics” or “reading should be about sucking the marrow of the vast body literature” or “reading is about retaining information”

None of it is true. People read because they like reading. Maybe they like stories. Maybe they like words. Maybe they are learning something obscure. There are millions of different reasons or ways to read. Don’t let pedants steal your joy or soul.

Just read #read #books

[RSS] Everyday Ghidra: Symbols -- Prescription Lenses for Reverse Engineers -- Part 1

https://clearbluejar.github.io/posts/everyday-ghidra-symbols-prescription-lenses-for-reverse-engineers-part-1/

Remote Code Execution with Spring Boot 3.4.0 Properties

https://snyk.io/articles/remote-code-execution-with-spring-boot-3-4-0-properties/

[RSS] Reverse engineering the Sega Channel game image file format

https://www.infochunk.com/schannel/index.html

Malimite is an iOS decompiler designed to help researchers analyze and decode IPA files https://github.com/LaurieWired/Malimite

Intel launched the Pentium processor in 1993. Unfortunately, dividing sometimes gave a slightly wrong answer, the famous FDIV bug. Replacing the faulty chips cost Intel $475 million. I reverse-engineered the circuitry and can explain the bug. 1/9

Writing down (and searching through) every UUID · eieio.games
https://eieio.games/blog/writing-down-every-uuid/

/via @filippo

#frombsky

here's a useful shell git alias for this time of year
`alias gitmcclane='git commit -m "yippee-ki-yea, motherfucker" && git push --force’`

Command injection is common enough, but truncating the SHA256 hash to 12 characters? That's new to me. https://github.com/openwrt/asu/security/advisories/GHSA-r3gq-96h6-3v7q

Breaking the most popular #Web Application Firewalls (#waf) in the market

https://nzt-48.org/breaking-the-most-popular-wafs

[RSS] Trying to Exploit My Old Android Device, take 2 (CVE-2020-0401, PackageManagerService)

https://pwner.gg/blog/Android%27s-CVE-2020-0401

"Good Red Team comes on slow. The first month is all waiting, then halfway through the second month you start cursing the service provider who burned you, because nothing is happening. And then... ZANG!" - Hunter CISO Thompson