
Ossama
28 posts

Ossama
@0x3lk
Just doing offsec stuff @Orangecyberdef | Maldev & Binary exploitation | Tweets are my own
0xffffffff81000000 Katılım Mayıs 2026
56 Takip Edilen18 Takipçiler
Ossama retweetledi

Excited to share our research on Process Parameter Poisoning with Max Hirschberger! We detail a novel process injection technique using parameters as an attack surface & released p3-loader (PoC).
sensepost.com/blog/2026/proc…
github.com/Orange-Cyberde…
#Malware #WindowsIntetnals
English

bl4ck4rch cooking 🧑🍳:)
bl4ck4rch@bl4ckarch
I was playing around AMSI and came up with some interesting bypass techniques. 6 techniques validated with a live reverse shell on a fully patched Windows 11, Defender on. bl4ckarch.github.io/posts/One-Bool… #AMSI #RedTeam #WindowsSecurity #ReverseEngineering #Pentest
English
Ossama retweetledi

0x3lk.github.io/posts/xsskerne… a high quality blog post from @0x3lk about @ToulouseHacking's 2026 most infamous reverse challenge. Worth reading if you love kernel, drivers and reverse.
English
Ossama retweetledi
Ossama retweetledi
Ossama retweetledi

VirtualQuery in the IAT : Hi darling
vx-underground@vxunderground
> see someone discussing position independent code > "no need to walk peb" > look inside > invokes VirtualQuery > ???
English
Ossama retweetledi

Themida turns a few lines of code into thousands of VM handler instructions. Completely unreadable.
back engineering built a static devirtualizer that lifts it all to IR, resolves the control flow, and recovers the original logic.
The before/after in the repo is genuinely shocking.
Works on pretty much any VM obfuscator, not just Themida.
Blog: back.engineering/blog/09/05/202…
Devirt output: github.com/backengineerin…
Author: @BackEngineerLab
#ReverseEngineering #InfoSec #Malware
English

Haha i can’t handle all this drama on MSRC
SandboxEscaper@WeirdQuadratic
To quote a great hacker:
English
Ossama retweetledi

Time to move to Entra Cloud Sync oofhours.com/2026/05/29/tim…
English
Ossama retweetledi
Ossama retweetledi

Last time I dealt with MSRC.
Responsibly disclosed an issue with legacy auth that allowed me to spray passwords at and avoid smart lockout.
Receives email.. 5 months after initial case opening.
“Doesn’t meet the bar for servicing”
Microsoft silently fixed. Closed case.
microsoft.com/en-us/msrc/blo…
English

me debugging the "last" BSOD before going to sleep
duck@ExtremeBlitz__
“Today ill fix my sleep schedule” me at 6:28 AM:
English
Ossama retweetledi







