Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @andreafioraldi
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @andreafioraldi
-
This can't happen with Motherfucking CTF (https://github.com/andreafioraldi/motherfucking-ctf …) cause there isn't password recovery. If you lose a password while playing a CTF, you deserve to loose
https://twitter.com/RiftWhiteHat/status/1223658137279979527 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Andrea Fioraldi proslijedio/la je Tweet
VSCode x
@fridadotre * VSCode based GUI * Interactive terminal * Remote file browser (Yes!) * Open source Not on market yet. But you can built it from the source: https://github.com/chichou/vscode-frida …pic.twitter.com/sG5UhDy2WdPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Andrea Fioraldi proslijedio/la je Tweet
~~~~ Update ~~~~ The slides of this Friday's meeting are now online. Download them from the website or from GitHub (https://github.com/DefconRome/meetings-2020/tree/master/january-31 …) /cc
@defcon@defcongroupsHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This afternoon don't miss our talks about
@fridadotre and the@gamozolabs recent work on MDS for CPU instrospection.
https://defcon11396.it//meetings/meeting-jan31/ …https://twitter.com/defcon11396/status/1223187774469300224 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Happy to announce a new LLVM instrumentation for AFL++ called CmpLog that feeds the fuzzer with comparisons operands extracted with SanCov. https://github.com/vanhauser-thc/AFLplusplus/blob/master/llvm_mode/README.cmplog.md … I used it to build the Redqueen mutator in AFL++!
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
So now we have also the power metal edition of mhackeroni/sourcloud.https://twitter.com/HackingForSoju/status/1222850699517665281 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Andrea Fioraldi proslijedio/la je Tweet
Do you know
#aflplusplus? It brings interesting add-ons to AFL.@nosoynadiemas used it during his fuzzing research to create custom instrumentation whitelists, increasing AFL code coveragehttps://securitylab.github.com/research/fuzzing-challenges-solutions-1 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Andrea Fioraldi proslijedio/la je Tweet
Next meeting schedule is out! 31 Jan, 5 p.m.
@DIAGSapienza - Breaking the walls: CPU introspection through micro-architectural data sampling, by@borrello_pietro - Breaking apps from the inside: an introduction to the FRIDA binary instrumentation framework, by Radamanthpic.twitter.com/oeGAK2T3CYPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Andrea Fioraldi proslijedio/la je Tweet
Can't wait to present the progress we've made since
#BHEU at@offensive_con! tfp0, full disk mounts with our own block device driver, most of the iOS services running, ssh and a textual framebuffer.#offensiveconpic.twitter.com/xfEaCdgraH
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This opens a landscape of possibilities in the sanitization of IOT firmwares, maybe also "Sanitized Re-hosting". I have to patch compiler-rt to have meaningful error reports, but this shit seems promising.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This morning I decided to experiment a bit with QASan in full system mode. It works with a small firmware and now I'm trying to boot a patched SerenityOS. You can find my attempts here: https://github.com/andreafioraldi/qasan-examples …pic.twitter.com/nj0M8E2wgt
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Does anyone know if there is a fast and thread-safe allocator consisting of a single C file?
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Andrea Fioraldi proslijedio/la je Tweet
AFLplusplus + libprotobuf-mutator https://github.com/thebabush/afl-libprotobuf-mutator/ …
#fuzzing#securityHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Strange things happen when you read advisories while drinking in a pub,
#vulninception. Btw I just downloaded KolibriOS to be safe, checkmate NSA.Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Suppose that with CVE-2020-0601 a state-actor can insert malicious code in win updates. Now suppose that NSA is backdooring the patch using the vuln itself and it disclosed the vuln to force all to install the backdoored patch. Can we call it vuln-inception?pic.twitter.com/oxp5LxYj4g
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Andrea Fioraldi proslijedio/la je Tweet
If anyone wants to use unicorn afl with good ol' C, here's how to do ithttps://github.com/vanhauser-thc/AFLplusplus/blob/master/unicorn_mode/samples/c/harness.c …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
@xwlin_roy I saw your tweet, enjoy Superion.Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Today the Superion fuzzer is not anymore open-source on GitHub (https://github.com/zhunki/Superion ) so I created an organization called Fuzzers-Archive that aims to collect unmaintained fuzzers to prevent this situation. Open an issue to ask for additions:https://github.com/Fuzzers-Archive/archive …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
The dream team was
@rop2bash@AndreaTulimiero@danielecap dpstart lucaferreraPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
It uses an abstraction of VEX (register juice, CFG info and other stuffs) to produce shingles for minhash and then query the top-k similar routines. The hashes are maintained in MySQL and each lookup costs 8 queries on an index (so 8*log(M) that is juicy).
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.