This framework generates fuzz targets for real-world C/C++ projects with various Large Language Models (LLM) and benchmarks them via the OSS-Fuzz platform.
https://github.com/google/oss-fuzz-gen
https://github.com/google/oss-fuzz-gen
GitHub
GitHub - google/oss-fuzz-gen: LLM powered fuzzing via OSS-Fuzz.
LLM powered fuzzing via OSS-Fuzz. Contribute to google/oss-fuzz-gen development by creating an account on GitHub.
Creating FLIRT Signatures in IDA Pro for CTF's, Malware, etc...
https://www.youtube.com/watch?v=TqIUsLQ-HjE
https://www.youtube.com/watch?v=TqIUsLQ-HjE
YouTube
Creating FLIRT Signatures in IDA Pro for CTF's, Malware, etc...
MOST VIDEOS ARE UNDER THE LIVE SECTION!
Often times during Capture the Flag (CTF) challenges, you are given a binary that is not only stripped of symbols, but also includes statically compiled library code. This can make reverse engineering more challenging…
Often times during Capture the Flag (CTF) challenges, you are given a binary that is not only stripped of symbols, but also includes statically compiled library code. This can make reverse engineering more challenging…
Escaping the sandbox: A bug that speaks for itself
https://microsoftedge.github.io/edgevr/posts/Escaping-the-sandbox-A-bug-that-speaks-for-itself/
https://microsoftedge.github.io/edgevr/posts/Escaping-the-sandbox-A-bug-that-speaks-for-itself/
Microsoft Browser Vulnerability Research
Escaping the sandbox: A bug that speaks for itself
Introduction
Панишер
https://github.com/ginger51011/pandoras_pot
Inspired by HellPot, pandoras_pot aims to bring even more misery on unruly web crawlers that don't respect your robots.txt.
The goal with pandoras_pot is to have maximum data output, while not using up all the resources of your webserver that probably could be doing better things with its time.
https://github.com/ginger51011/pandoras_pot
GitHub
GitHub - ginger51011/pandoras_pot: HTTP honeypot to punish and educate unruly web crawlers, written in Rust (🚀)
HTTP honeypot to punish and educate unruly web crawlers, written in Rust (🚀) - ginger51011/pandoras_pot
Xworm Loader Analysis - Unravelling Multi-stage Loaders with CyberChef and DnSpy
https://www.youtube.com/watch?v=tenNFzM-MM0
https://www.youtube.com/watch?v=tenNFzM-MM0
YouTube
Defeating Multi-stage Malware with CyberChef and DnSpy (Xworm)
Investigating and Decoding an Xworm Loader noscript. Leveraging CyberChef and Dnspy to perform AES Decryption and C2 Extraction.
SHA256:e5dac6f6d2ab4c479c5c3e91064f335de141c8399bd93f8267e13f134c578c0f
SHA256:e5dac6f6d2ab4c479c5c3e91064f335de141c8399bd93f8267e13f134c578c0f
Modern implant design: position independent malware development
https://5pider.net/blog/2024/01/27/modern-shellcode-implant-design/
https://5pider.net/blog/2024/01/27/modern-shellcode-implant-design/
5pider.net
/5pider.net
Hello friend, friendly neighborhood 5pider here
Understanding PEB and LDR Structures using IDA and LummaStealer
https://viuleeenz.github.io/posts/2024/02/understanding-peb-and-ldr-structures-using-ida-and-lummastealer/
https://viuleeenz.github.io/posts/2024/02/understanding-peb-and-ldr-structures-using-ida-and-lummastealer/
Security Undisguised
Understanding PEB and LDR Structures using IDA and LummaStealer
In this post I’m going to explain how Process Environment Block (PEB) is parsed by malware devs and how that structure is abused. Instead of going too deep into a lot of details, I would like to follow an easier approach pairing the theory with a practical…