Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages
https://googleprojectzero.blogspot.com/2025/05/breaking-sound-barrier-part-i-fuzzing.html
Blogspot
Guest post by Dillon Franke, Senior Security Engineer, 20% time on Project Zero. Every second, highly-privileged MacOS system daemons...
Malware Development Tutorial: Bypassing Windows Defender With This EASY Technique
https://www.youtube.com/watch?v=CSt5wcvNjBU
YouTube
Malware Development Tutorial: Bypassing Windows Defender with SMB Staging
In this step-by-step malware development tutorial, you’ll discover how to bypass Windows Defender using a powerful technique called SMB staging. By delivering shellcode over a remote…
ManuFuzzer is an LLVM-based binary, coverage-guided fuzzing framework for macOS
https://github.com/ant4g0nist/ManuFuzzer
GitHub
GitHub - ant4g0nist/ManuFuzzer: Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM
Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM - ant4g0nist/ManuFuzzer
1day practice - Escape macOS sandbox (partial) using RemoteViewServices
https://github.com/wh1te4ever/CVE-2025-31258-PoC
https://www.youtube.com/watch?v=GlReVUh_4W4
GitHub
GitHub - wh1te4ever/CVE-2025-31258-PoC: 1day practice - Escape macOS sandbox (partial) using RemoteViewServices
1day practice - Escape macOS sandbox (partial) using RemoteViewServices - wh1te4ever/CVE-2025-31258-PoC
XINTRA Writeup.
This lab emulates a targeted intrusion aligned with Mustang Panda’s TTPs — leveraging spear-phishing, DLL sideloading, and C2 over Dropbox to steal sensitive diplomatic data.
https://cham1ndux.github.io/posts/Mustand-Panda-APT-Analysis/
ChamX
Council of Tropical Affairs APT-Inspired Threat Hunting Walkthrough
The Threat Actor in focus is Mustang Panda a.k.a. Stately Taurus, a well-documented Chinese APT group known for cyber-espionage campaigns targeting governments, NGOs, and political entities across Southeast Asia. This lab emulates a targeted intrusion aligned…
Fuzzing Windows Defender with loadlibrary in 2025
https://scrapco.de/blog/fuzzing-windows-defender-with-loadlibrary-in-2025.html
scrapco.de
Lingua Diabolis | Fuzzing Windows Defender with loadlibrary in 2025
Improving AFD Socket Visibility for Windows Forensics & Troubleshooting
https://www.huntandhackett.com/blog/improving_afd_socket_visibility
Huntandhackett
This blog post explains the basics of Ancillary Function Driver API and how it can help explore networking activity on Windows systems.
Eclipse on Next.js: Conditioned exploitation of an intended race-condition
https://zhero-web-sec.github.io/research-and-things/eclipse-on-nextjs-conditioned-exploitation-of-an-intended-race-condition
zhero_web_security
CVE-2025-32421
Frame by Frame, Kernel Streaming Keeps Giving Vulnerabilities
https://devco.re/blog/2025/05/17/frame-by-frame-kernel-streaming-keeps-giving-vulnerabilities-en/
DEVCORE 戴夫寇爾
Frame by Frame, Kernel Streaming Keeps Giving Vulnerabilities | DEVCORE 戴夫寇爾
In-depth research into Windows Kernel Streaming vulnerabilities, revealing MDL misuse, buffer misalignment, and exploitation techniques used in CVE-2024-38238 and others.
IDA Python Script to Get All function names from Event Constructor (VCL) (IDA 9)
https://github.com/Coldzer0/IDA-For-Delphi
GitHub
GitHub - Coldzer0/IDA-For-Delphi: IDA Python Script to Get All function names from Event Constructor (VCL)
IDA Python Script to Get All function names from Event Constructor (VCL) - Coldzer0/IDA-For-Delphi
How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation
https://sean.heelan.io/2025/05/22/how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-implementation/
Sean Heelan's Blog
In this post I’ll show you how I found a zeroday vulnerability in the Linux kernel using OpenAI’s o3 model. I found the vulnerability with nothing more complicated than the o3 API …
Friday poll.
Have you tried drugs? (other than alcohol, nicotine, caffeine, marijuana)
Final Results
21%
Yes
79%
No