I hadn't noticed that @HexRaysSA's IDA 9.2 introduced a new feature similar to the "dereferencing" plugin. Well, the plugin is still better (for instance, in dereferencing in the stack view), and the good news is that the plugin is compatible with IDA 9.2 with the qt6 shim enabled.
New research 👉 Exception Oriented Programming, Part 2: Weaponizing Fundamental Weaknesses in Exception Unwinding to Gain Code Execution billdemirkapi.me/abusing-except…
I wrote an IDA plugin that queries #ChatGPT and explains decompiled functions. It's still very bleeding edge, but you can find the code here and try it out:
github.com/JusticeRage/Ge…
(Yes, the video was performed on a very basic case for simplicity's sake.)
My write-up for the Blue Frost Security Windows Exploitation Challenge released during Ekoparty:
voidsec.com/windows-exploi…
Thanks @bluefrostsec for the challenge, I've enjoyed it very much
#flareon9 nesrak1.github.io/2022/11/13/fla…
A bit late, but my write-up on how I solved Flare-On 9's last challenge and got the original code back, even without debugging.
Over and out #flareon9. All challenge solutions by the authors are available at mandiant.com/resources/blog…. Finishers will receive this elaborate medal.
Hello everyone!
Come see our new IDA plugin!
AutoResolv is a free IDA plugin, which resolves functions imported from external libraries. Moreover, it can import the right signature of those functions and refactor your code accordingly.
github.com/airbus-seclab/…
What can I say? A beautiful day talking about HVCI & kernel exploitation at BSides in Kansas City, Missouri, meeting people passionate about security, and (most importantly) hanging with my fiancé.
Slides: github.com/connormcgarr/P…
Supporting blog: connormcgarr.github.io/hvci/
Helper script for Windows kernel debugging with IDA Pro on the native Bochs debugger (including PDB symbols). Ported from IDA-VMware-GDB by @d_olex. So, yes, you can use your own Bochs instrumentation + symbols :-D @ilfak github.com/therealdreg/id…
As promised, I wrote about my Windows 11 post exploitation technique to go from an arbitrary write/increment to a full read/write through I/O rings: windows-internals.com/one-i-o-ring-t…
I am ecstatic to announce that Winsider Seminars & Solutions, Inc. (the training company that @yarden_shafir and I co-own) has finalized the transfer of the venerable Process Hacker project into a new System Informer project (github.com/winsiderss/sys…). We are still migrating… 1/2
We published the first ever blog post about the HyperDbg Debugger. In this post, we explain the principles and methodologies of @HyperDbg rayanfam.com/topics/hyperdb…