Security_Metrics_Workbook.pdf
4.3 MB
The Security Metrics Workbook:
A practical guide to building a metrics program that actually matters 2025.
#book #threat #modelling @reconcore
A practical guide to building a metrics program that actually matters 2025.
This workbook walks you through the exact processes Iʼve found most useful for figuring out what to measure in a security program and why it matters. Itʼs built to cut through the noise and give you a clear, repeatable approach. I know your time is valuable. Thatʼs why this workbook is practical, not theoretical. The goal is to help you define metrics that drive real decisions and show a return on the effort you put in
#book #threat #modelling @reconcore
DoH_Data_Exfiltration.pdf
1.8 MB
Evasion-Resilient Detection of DNS-over-HTTPS Data Exfiltration: A Practical Evaluation 2025.
#research #tools #netsec #cybersecurity @reconcore
This dissertation to explore the darker side of the protocol, how its privacy features can be exploited by attackers for data exfiltration, and what security challenges this poses for defenders
#research #tools #netsec #cybersecurity @reconcore
Tangled
#security #phishing #redteam @reconcore
Open-source offensive security platform for conducting phishing campaigns that weaponizes iCalendar automatic event processing.
tangled.gitbook.io/tangled-docs/
#security #phishing #redteam @reconcore
OWASP Top 10 2025
The Ten Most Critical Web Application Security Risks
Introducing the OWASP Top 10:2025
#websec #owasp @reconcore
The Ten Most Critical Web Application Security Risks
Introducing the OWASP Top 10:2025
A01:2025 - Broken Access Control
A02:2025 - Security Misconfiguration
A03:2025 - Software Supply Chain Failures
A04:2025 - Cryptographic Failures
A05:2025 - Injection
A06:2025 - Insecure Design
A07:2025 - Authentication Failures
A08:2025 - Software or Data Integrity Failures
A09:2025 - Security Logging & Alerting Failures
A10:2025 - Mishandling of Exceptional Conditions
#websec #owasp @reconcore
❤2
sleep-from-scratch
#linux #kernel @reconcore
This is a completely standalone sleep implementation for x86_64 Linux that depends only on the Linux kernel.
#linux #kernel @reconcore
YouTube
Rewriting "sleep" from scratch - no libraries, not even libc - only syscalls and some assembly magic
Let's rewrite "sleep" program absolutely from scrath - not even with libc. Only the compiler, the kernel, and a magic of inline assembly!
Let me know if this kind of long-form video is something you like.
Sources:
the code: https://github.com/valignatev/sleep…
Let me know if this kind of long-form video is something you like.
Sources:
the code: https://github.com/valignatev/sleep…
Everything About Memory Allocators: Write a Simple Memory Allocator
#memory #allocator #management #malloc #system #programming @reconcore
A comprehensive guide to memory allocators, covering allocation strategies, heap management, and implementing a custom memory allocator from scratch with performance considerations.
#memory #allocator #management #malloc #system #programming @reconcore
TheCoreDump
Everything About Memory Allocators: Write a Simple Memory Allocator
A comprehensive guide to memory allocators, covering allocation strategies, heap management, and implementing a custom memory allocator from scratch with performance considerations.
mongobleed
#vulnerability #exploit #poc #bugbounty #websec #cybersecurity @reconcore
CVE-2025-14847 - MongoDB Unauthenticated Memory Leak Exploit
A proof-of-concept exploit for the MongoDB zlib decompression vulnerability that allows unauthenticated attackers to leak sensitive server memory.
#vulnerability #exploit #poc #bugbounty #websec #cybersecurity @reconcore
GitHub
GitHub - joe-desimone/mongobleed
Contribute to joe-desimone/mongobleed development by creating an account on GitHub.
Проект Phoenix развивает современный X-сервер, написанный на языке Zig
#linux #phoenix #xserver #zig @reconcore
#linux #phoenix #xserver #zig @reconcore
www.opennet.ru
Проект Phoenix развивает современный X-сервер, написанный на языке Zig
В рамках проекта Phoenix предпринята попытка создания с нуля нового X-сервера, не использующего наработки X.org Server и нацеленного на создание современной альтернативы, расширяющей протокол X11 и предоставляющей возможности для совместимости с Wayland.…
GhidraGPT: A powerful Ghidra plugin that integrates Large Language Models (LLMs) directly into Ghidra to enhance reverse engineering workflows with code analysis and enhancement capabilities.
#llm #re @reconcore
#llm #re @reconcore
GitHub
GitHub - weirdmachine64/GhidraGPT: Integrate LLM models directly into Ghidra for automated code rewrite and analysis.
Integrate LLM models directly into Ghidra for automated code rewrite and analysis. - weirdmachine64/GhidraGPT
HeapHunter
Unique technique for bypassing AMSI
#technique #amsi #bypass @reconcore
Unique technique for bypassing AMSI
A unique technique that leverages the inner working of C++, specifically Pure Virtual Functions and Abstract Classes, to hijack AMSI without patching any RX in a .text section memory.
#technique #amsi #bypass @reconcore
Linux_Kernel_MetaXploit.pdf
865.5 KB
Reviving Discarded Vulnerabilities:
Exploiting Previously Unexploitable Linux Kernel Bugs Through Control Metadata Fields CCS 2025.
#kernel #security @reconcore
Exploiting Previously Unexploitable Linux Kernel Bugs Through Control Metadata Fields CCS 2025.
This paper presents a novel approach to revive these previously discarded vulnerabilities by exploiting Control Metadata Fields (CMFs) within Linux objects, rather than traditional pointer manipulation
#kernel #security @reconcore
ImHex v1.38.1
#re #disassembler #analysis #hex #binary #forensics #windows #cpp #multiplatform #tools #ips #mathematical #evaluator #cybersecurity @reconcore
A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
imhex.werwolv.net web-version docs
#re #disassembler #analysis #hex #binary #forensics #windows #cpp #multiplatform #tools #ips #mathematical #evaluator #cybersecurity @reconcore
Chrome-App-Bound-Encryption-Decryption
#chrome #payment #cookies #password #chromium #edge #brave #dll #injection #app #ielevator @reconcore
Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.
#chrome #payment #cookies #password #chromium #edge #brave #dll #injection #app #ielevator @reconcore
poc-CVE-2025-38352
CVE-2025-38352 (Part 1) - In-the-wild Android Kernel Vulnerability Analysis + PoC
#vulnerability #analysis #android #kernel #posix #cpu #poc @reconcore
This is a proof of concept for CVE-2025-38352, a vulnerability in the Linux kernel's POSIX CPU timers implementation. The September 2025 Android Bulletin mentions that this vulnerability has been used in limited, targeted exploitation in the wild.
CVE-2025-38352 (Part 1) - In-the-wild Android Kernel Vulnerability Analysis + PoC
#vulnerability #analysis #android #kernel #posix #cpu #poc @reconcore
GitHub
poc-CVE-2025-38352/poc.c at main · farazsth98/poc-CVE-2025-38352
This is a proof of concept for CVE-2025-38352, a vulnerability in the Linux kernel's POSIX CPU timers implementation. The September 2025 Android Bulletin mentions that this vulnerability ha...
poc-CVE-2025-38352
CVE-2025-38352 (Part 2) - Extending The Race Window Without a Kernel Patch
#vulnerability #analysis #linux #kernel #posix #cpu #poc @reconcore
This is a proof of concept for CVE-2025-38352, a vulnerability in the Linux kernel's POSIX CPU timers implementation. The September 2025 Android Bulletin mentions that this vulnerability has been used in limited, targeted exploitation in the wild.
CVE-2025-38352 (Part 2) - Extending The Race Window Without a Kernel Patch
#vulnerability #analysis #linux #kernel #posix #cpu #poc @reconcore
GitHub
GitHub - farazsth98/poc-CVE-2025-38352: This is a proof of concept for CVE-2025-38352, a vulnerability in the Linux kernel's POSIX…
This is a proof of concept for CVE-2025-38352, a vulnerability in the Linux kernel's POSIX CPU timers implementation. The September 2025 Android Bulletin mentions that this vulnerability ha...