There may be an all-new acronym for you to try and remember, as a result of Microsoft fixing a lingering issue. This...

by: Igor Korkin (@IgorKorkin) and Denis Pogonin

Windows OS is facing a huge rise in kernel attacks. An overview of popular techniques that result in loading kernel drivers will be presented. One of the key targets of modern threats is disabling and blinding…

Contribute to googleprojectzero/SockFuzzer development by creating an account on GitHub.

An Analysis of Remote Code Execution Vulnerability CVE-2022–34718

In 1998 Tom was arrested for hacking, and was told he was looking at over 270 years in prison. Time for a career change! Tom went on to a life as an academic, earning a PhD in Artificial Intelligence, before starting a career as an SEO consultant (you think…

As long as a fuzzer is uncovering a steady stream of bugs, we can haveconfidence it’s serving its purpose. But a silent fuzzer is harder to interpret:is our ...

By James Forshaw, Project Zero I've been spending a lot of time researching Windows authentication implementations, specifically Kerberos...

Go now supports fuzz testing natively as of Go 1.18, a tool that can be used to identify bugs and security vulnerabilities in your code. This talk will discuss how and why fuzzing can be used in Go, introduce differential fuzzing, and describe the mechanics…

Impalabs is releasing Hyperpom, a 64-bit ARM binary fuzzer written in Rust and based on the Apple Silicon's hypervisor. It is mutation-based and coverage-guided. This article gives an overview of its internals, presents the different components it consists…

A new initiative from Google Cloud and Cobalt Strike’s vendor has made it easier to find and block cracked versions of the popular red team software.

📥 Slides: https://fuzzinglabs.com/wp-content/uploads/2022/08/BHUSA22_fuzzing_webassembly_vm_patrick_ventuzelo.pdf

Since the MVP release in 2017, WebAssembly evolve gradually, bringing new adepts and new VM implementations over time. It’s now possible to…

It's just mind-blowing! it's so impressive that this AI is able to answer such complex subjects as exploitation, reversing, decompilation, etc.
The is a huge potential for us in the future to go even faster into learning IT security and hacking by being helped…

00:00 Introduction
00:42 Chat GPT overview
02:20 Writing a song for hackers
04:00 Getting a rental agreement and name change application from ChatGPT
05:55 Programming
08:00 Security related things fuzzing, identifying vulnerabilities, writing a fuzzer etc.…

New software supply chain vulnerabilities use artifact poisoning and attack the software development pipelines on projects using GitHub Actions.

Real-time HTTP Intrusion Detection. Contribute to teler-sh/teler development by creating an account on GitHub.

In this post I’ll show Avast self-defense bypass: how I discovered a new undocumented way to intercept all system calls without a hypervisor and PatchGuard triggered BSOD, and, finally, based on the knowledge gained, implemented a bypass