Acunetix Premium Plus OnPremise with API Discovery
v 25.8.250820089
https://cloud.proxy-bar.org/s/5KhtUcpx3Cxln0Y
Analysing a 1-day Vulnerability in the Linux Kernel's TLS Subsystem
https://faith2dxy.xyz/2025-10-02/kCTF-TLS-nday-analysis/
@reverseengine
faith2dxy.xyz
Analysing a 1-day Vulnerability in the Linux Kernel's TLS Subsystem
I recently decided to start doing some Linux kernel security research in my free time, with the goal of creating one of my own submissions in Google's kernelCTF…
Reverse Engineering Go Binaries with Ghidra
https://cujo.com/reverse-engineering-go-binaries-with-ghidra
@reverseengine
CUJO AI
Reverse Engineering Go Binaries with Ghidra
Analyzing malware written in Go: recovering function names in stripped Go binaries and defining strings within Ghidra for reverse engineers.
Automation in Reverse Engineering: String Decryption
https://synthesis.to/2021/06/30/automating_string_decryption.html
@reverseengine
What I Learned from Reverse Engineering Windows Containers
https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers
@reverseengine
Unit 42
What I Learned from Reverse Engineering Windows Containers
Our researcher provides an overview on containers - starting with their Linux history - and shows the different implementations of containers in Windows, how they work and the security pitfalls that may occur.
First known AI-powered Ransomware
https://x.com/ESETresearch/status/1960365364300087724
@reverseengine
X (formerly Twitter)
ESET Research (@ESETresearch) on X
#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/6
CVE-2025-50168-pwn2own-berlin-2025
https://github.com/D4m0n/CVE-2025-50168-pwn2own-berlin-2025/tree/main/P2O
@reverseengine
GitHub
CVE-2025-50168-pwn2own-berlin-2025/P2O at main · D4m0n/CVE-2025-50168-pwn2own-berlin-2025
CVE-2025-50168 Exploit PoC — Pwn2Own Berlin 2025 - LPE(Windows 11) winning bug. - D4m0n/CVE-2025-50168-pwn2own-berlin-2025
This is a Project Working on Reverse Engineering the Apple G13 GPU Architecture
https://github.com/dougallj/applegpu
@reverseengine
GitHub
GitHub - dougallj/applegpu: Apple G13 GPU architecture docs and tools
Apple G13 GPU architecture docs and tools. Contribute to dougallj/applegpu development by creating an account on GitHub.
Windows Installer File Read 0day
https://halove23.blogspot.com/2021/02/windows-installer-file-read-0day_12.html?m=1
@reverseengine
Forwarded from RadvanSec (Sin0x001)
Narrator DLL Hijack Technique
Windows has a tool called Narrator that is used for accessibility, for people with special needs.
When Narrator.exe runs, it loads a DLL named MSTTSLocOneCoreEnUS.dll, which must be located in the path %windir%\system32\speech_onecore\engines\tts.
If an attacker can place a malicious version of this DLL in that same path, the malicious code will run when Narrator is launched (without needing to import any particular export functions).
To make the deception more convincing, in the published proof of concept (PoC) the authors modified a copy of the DLL so that Narrator runs in "silent" mode (that is, it produces no sound and shows nothing), so that the user does not notice that anything unusual is happening.
⭐️ @RadvanSec
Narrator DLL Hijack Technique
Windows has a tool called Narrator that is used for accessibility purposes.
When Narrator.exe runs, it loads a DLL called MSTTSLocOneCoreEnUS.dll, which should be located in the path %windir%\system32\speech_onecore\engines\tts.
If an attacker can place a malicious version of this DLL in the same path, running Narrator will execute malicious code (without the need to import specific export functions).
To further the trickery, in the proof of concept (PoC) provided, the developers have modified a version of the DLL so that Narrator runs in a "silent" mode (i.e., does not make any sound or display anything) so that the user does not notice that something unusual is happening.
⭐️ @RadvanSec
Forwarded from Hack Hive
https://medium.com/@horamah.71/static-code-analysis-and-the-role-of-ai-in-sast-3ac5d305daac
https://x.com/horamah_71/status/1985624183422746889?t=N4k77A7l30ZUHCp1RMcG5w&s=19
Medium
🔍Static Code Analysis and the Role of AI in SAST
Hey everyone! 👋 I’m @horamah.71, sharing my latest research, exploits, and security discoveries. Stay tuned for more deep dives!
Let’s…