udunadan@infosec.pubMEnglish · 1 year agoAndroid SELinux Internals Part I | 8kSec Blogsplus-square8ksec.ioexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkAndroid SELinux Internals Part I | 8kSec Blogsplus-square8ksec.ioudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoGitHub - airbus-cyber/ghidralligatorplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkGitHub - airbus-cyber/ghidralligatorplus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoFinding bugs in C code with Multi-Level IR and VASTplus-squareblog.trailofbits.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkFinding bugs in C code with Multi-Level IR and VASTplus-squareblog.trailofbits.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoFinding Gadgets for CPU Side-Channels with Static Analysis Toolsplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkFinding Gadgets for CPU Side-Channels with Static Analysis Toolsplus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoUncontained: Uncovering Container Confusion in the Linux Kernelplus-squarewww.vusec.netexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkUncontained: Uncovering Container Confusion in the Linux Kernelplus-squarewww.vusec.netudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoTurtleARM/CVE-2023-3338: Linux kernel LPE practice with an NPD vulnerabilityplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkTurtleARM/CVE-2023-3338: Linux kernel LPE practice with an NPD vulnerabilityplus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoThe patch for the new WebKit 0-day used in Operation Triangulation (CVE-2023-32439)plus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkThe patch for the new WebKit 0-day used in Operation Triangulation (CVE-2023-32439)plus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoEATGuard: Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)plus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkEATGuard: Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)plus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoosx-re-101: A collection of resources for OSX/iOS reverse engineering.plus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkosx-re-101: A collection of resources for OSX/iOS reverse engineering.plus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoSafely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timingplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkSafely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timingplus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoTurboRand: V8 Type Confusion Private Property Leak - SSD Secure Disclosureplus-squaressd-disclosure.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkTurboRand: V8 Type Confusion Private Property Leak - SSD Secure Disclosureplus-squaressd-disclosure.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoCVE-2023-21931 & CVE-2023-21839 RCE via post-deserializationplus-squarewww.vicarius.ioexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkCVE-2023-21931 & CVE-2023-21839 RCE via post-deserializationplus-squarewww.vicarius.ioudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoHexagon decompiler for Ghidraplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkHexagon decompiler for Ghidraplus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoCVE-2023-2008 - Analyzing and exploiting a bug in the udmabuf driverplus-squarelabs.bluefrostsecurity.deexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkCVE-2023-2008 - Analyzing and exploiting a bug in the udmabuf driverplus-squarelabs.bluefrostsecurity.deudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agochonked pt.2: exploiting cve-2023-33476 for remote code executionplus-squareblog.coffinsec.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkchonked pt.2: exploiting cve-2023-33476 for remote code executionplus-squareblog.coffinsec.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year ago"Breaking the Code - Exploiting and Examining CVE-2023-1829 in cls_tcindex Classifier Vulnerabilityplus-squarestarlabs.sgexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-link"Breaking the Code - Exploiting and Examining CVE-2023-1829 in cls_tcindex Classifier Vulnerabilityplus-squarestarlabs.sgudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoThe boom, the bust and the adjust: The offensive cybersecurity industry — trends and updatesplus-squaremedium.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkThe boom, the bust and the adjust: The offensive cybersecurity industry — trends and updatesplus-squaremedium.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoAdvanced binary fuzzing using AFL++-QEMU and libprotobuf: a practical case of grammar-aware in-memory persistent fuzzingplus-squareairbus-seclab.github.ioexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkAdvanced binary fuzzing using AFL++-QEMU and libprotobuf: a practical case of grammar-aware in-memory persistent fuzzingplus-squareairbus-seclab.github.ioudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoCVE-2023-20178 / Arbitrary File Delete vulnerability in Cisco Secure Client and Cisco AnyConnectplus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkCVE-2023-20178 / Arbitrary File Delete vulnerability in Cisco Secure Client and Cisco AnyConnectplus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink
udunadan@infosec.pubMEnglish · 1 year agoCVE-2023-29343/Arbitrary File Write in Sysmon v14.14plus-squaregithub.comexternal-linkmessage-square0fedilinkarrow-up11
arrow-up11external-linkCVE-2023-29343/Arbitrary File Write in Sysmon v14.14plus-squaregithub.comudunadan@infosec.pubMEnglish · 1 year agomessage-square0fedilink