FrenchYeti

@FrenchYeti

creator, bytecode addict, security researcher, my opinions are my own

Toulouse, France
github.com/FrenchYeti
Vrijeme pridruživanja: ožujak 2014.
9 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @FrenchYeti

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @FrenchYeti

  1. Prikvačeni tweet
    6. svi 2019.

    Do u know Dexcalibur ? An automatic DBI tool for Android powered by Frida with a GUI.

    23 proslijeđena tweeta 38 korisnika označava da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    prije 6 sati

    👀 Looking forward ? 👀 ⏮Here's a sneak peak on this year plans, so you can all start warming the engines! 🏎 🔥 🔥

    19 proslijeđenih tweetova 23 korisnika označavaju da im se sviđa
    Poništi
  3. proslijedio/la je Tweet
    prije 9 sati

    Periodic service message: CFP is currently opened! {Offensive, blueteam, network, low level, privacy ...} + talks or workshops are welcome and will be evaluated with care ❤️ Everything is on: RT appreciated 😘

    1 reply 21 proslijeđeni tweet 12 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    prije 7 sati

    🎦 My talk at has been published! "A journey through ESIL: understanding code emulation within radare2" is aimed to be a simple introduction to the inner workings, the power and the practical usage of 's ESIL. Hope you like it! 😉

    1 reply 6 proslijeđenih tweetova 18 korisnika označava da im se sviđa
    Poništi
  5. proslijedio/la je Tweet
    2. velj

    Russia blocks encrypted email service ProtonMail In other words "Russia validates the integrity of ProtonMail"

    1 reply 59 proslijeđenih tweetova 140 korisnika označava da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    2. velj

    VSCode x * VSCode based GUI * Interactive terminal * Remote file browser (Yes!) * Open source Not on market yet. But you can built it from the source:

    5 replies 117 proslijeđenih tweetova 372 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  7. proslijedio/la je Tweet
    2. pro 2019.

    I wrote a small tool to "recreate" AFL's mutation chain from a given seed/crash. It can also produce a graph that shows the relationship between seeds and the mutations that led to the creation of those seeds Hopefully it's useful to peeps

    41 proslijeđeni tweet 125 korisnika označava da im se sviđa
    Poništi
  8. proslijedio/la je Tweet
    26. pro 2019.

    “An Observational Investigation of Reverse Engineers’ Processes”, to appear at Usenix Security 2020

    See that 's arxiv draft is up! We've been interviewing and working with reverse engineers to identify gaps in applying (e.g.,) static analyses to reverse engineering and Dan identified some really cool results and future directions in this space!
    1 reply 5 proslijeđenih tweetova 13 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    28. sij

    バーコーダーセッション🏪 バーコードリーダーのスキャン信号をレジではなく、スピーカーに直接接続することで音を鳴らす。 昼はバイトでレジ係、夜はクラブでバーコーディストになれます┃┃┃┃

    97 replies 7.301 proslijeđeni tweet 19.295 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    27. sij

    Another day, another embargo and addendum! “New” (not really!) variants of the day: L1D evictions (Fig 6, RIDL paper) or and vector registers or . See . As a bonus: a faster RIDL exploit that leaks a root hash in 4s:

    1 reply 20 proslijeđenih tweetova 25 korisnika označava da im se sviđa
    Poništi
  11. proslijedio/la je Tweet
    27. sij

    This KCOV extension by Andrey allows syzkaller to collect coverage from background kernel threads e.g. parsing incoming USB packets and unambiguously associate it with one of multiple parallel test processes running. To some degree unique for fuzzing coverage. Moar bugs coming!

    Linux kernel 5.5 includes kcov extension that allows to collect code coverage from background kernel threads:
    1 reply 5 proslijeđenih tweetova 41 korisnik označava da mu se sviđa
    Poništi
  12. proslijedio/la je Tweet
    25. sij

    GDA is a Dalvik bytecode decompiler written in C++. It supports APK, DEX, ODEX and OAT files. Looks really cool, especially if you don't have JEB, but it's not open source yet.

    21 proslijeđeni tweet 62 korisnika označavaju da im se sviđa
    Poništi
  13. 22. sij

    When you develop hook mechanism for a smali VM in order to generate Android frida hook

    4 korisnika označavaju da im se sviđa
    Poništi
  14. proslijedio/la je Tweet
    21. sij

    Automatic ROP chain generation using ROPgadget (gadgets finding) and Triton (sym. exec. part) by !!

    31 proslijeđeni tweet 60 korisnika označava da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    20. sij

    Android (AOSP) Download Provider SQL Injection in Query Selection Parameter (CVE-2019-2198) by Report: PoC:

    35 proslijeđenih tweetova 59 korisnika označava da im se sviđa
    Poništi
  16. proslijedio/la je Tweet
    19. sij

    AFLplusplus + libprotobuf-mutator

    22 proslijeđena tweeta 80 korisnika označava da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    8. sij

    Happy new decade! is still a thing, thus we will host the third edition of in Linz, Austria on July 6-7, 2020 (at , co-located with ) More details and call for speakers:

    15 proslijeđenih tweetova 28 korisnika označava da im se sviđa
    Poništi
  18. 13. sij

    If you hope auto/semi-auto integration of external tools with an android static analyzer and hook into , please send me suggests such as activity fuzzing using intent template generated by sast, ... :)

    4 korisnika označavaju da im se sviđa
    Poništi
  19. proslijedio/la je Tweet
    11. sij
    Odgovor korisniku/ci

    😎 But… The attacker tweaks a few strings in their frida-server binary using a hex editor, and the fun starts. The user gets their battery drained quicker when such code has been pasted into many popular apps. High price to pay for the illusion of slowing down attackers? 👇

    Odgovor korisnicima @insitusec @bsd_daemon @_r3ggi
    Opinion: Let’s spend time fixing bugs, improve code quality first. We risk giving customers a false sense of “security” in what is clearly the attacker’s advantage. Obviously once you app runs on someone else’s system you are no longer in control.
    1 reply 11 proslijeđenih tweetova 29 korisnika označava da im se sviđa
    Poništi
  20. proslijedio/la je Tweet
    1. sij

    Top threats - Month of December, 2019 Full list - (link: ) Download (most of the) samples - (link: )

    5 proslijeđenih tweetova 10 korisnika označava da im se sviđa
    Poništi
  21. proslijedio/la je Tweet
    26. pro 2019.

    New blogpost: Sanitized Emulation with QEMU-AddressSanitizer I just open-sourced my QEMU patches to fuzz binaries with ASan, QASan. You can also use it with ARM targets on Linux, a thing that you can't do with LLVM ASan!

    118 proslijeđenih tweetova 273 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi

@FrenchYeti još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·