Ben 'epi' Risher

🤠 Howdy! I'm happy to release v1.0.0 of my new project, feroxbuster! feroxbuster is a forced browsing tool akin to gobuster/ffuf. It's written in Rust using async/await for concurrency.

Howdy! Just pushed a new version of feroxbuster. New cli options: * --response-size-limit * --unique * --data-json * --data-urlencoded Added ability to set number of dir scans from the Scan Mgmt Menu. Also bugfixes and smaller enhancements. Enjoy! github.com/epi052/feroxbu…

@0xTib3rius It was awesome getting to meet you! Hopefully we see eachother again at Schmoocon's successor

Got to fanboy over @epi052, the creator of the best directory busting tool: feroxbuster! Awesome dude!

@d0nutptr #[non_exhaustive]

An enum with 58 variants? Could just be..

@_r3st Take a look at the docs for that one. The normal cli params will interact with those derived from the request file in a way that (hopefully) makes sense. Please let me know if that's not the case!

howdy! I pushed a new feroxbuster release this morning! Notable changes: --request-file for scanning based on a raw http request (e.g. from burp) --limit-bars to cap the number of progress bars shown during a scan --scan-dir-listings to recurse into dir listing enabled dirs👇

@geeknik Brb, updating the changelog

Feroxbuster v2.11.0: The code now reads your mind, scans the void between directories, and limits progress bars to prevent existential overload. Protocols bend; recursion is inevitable. Reality itself may be next—proceed accordingly. github.com/epi052/feroxbu…

Love the feroxbuster team for listening to feedback and understanding edge cases. It's my favorite directory busting tool for that reason. Case in point, it used to stop scanning if it encountered a directory listing, which does make sense...except it's possible to hide certain files from a listing, and this actually caused issues solving a @tryhackme machine. Anyway now it will warn you and also provide an option to keep scanning directory listings! github.com/epi052/feroxbu…

I also fixed the documentation site's search functionality and upgraded all the CI/CD pipelines. docs: epi052.github.io/feroxbuster-do… pre-built binaries are available on the releases page. Happy hacking! github.com/epi052/feroxbu…

The slides of our (CC: @m_u00d8) talk "Unleashing AI: The Future of Reverse Engineering with Large Language Models" at @reconmtl are now online. Slides: synthesis.to/presentations/… ReverserAI: github.com/mrphrazer/reve…

Happy to announce the release of our LLVM-based (dis)assembler framework, Nyxstone. It supports all architectures of LLVM, label-support in the assembler comes with Python & Rust bindings.

Wrote a blogpost summarizing all of the features we've added to Lucid in the last few months: Snapshots, Code Coverage Feedback, and more. In the blogpost we actually get all the way to fuzzing a Linux kernel syscall which includes a setup description. h0mbre.github.io/Lucid_Snapshot…

@AlphaRingo @Random_Robbie Looks great! Is that birdhouse signed or is it part of the board ?

@Random_Robbie Needs two more 😉

As a teenager mowed all summer just to afford new boards then rolled around until they were junk. Going to put these up on an empty office wall for decoration. 😬

@h0mbre_ Blog post when tho? Needs more caveman!

we built a full-system snapshot fuzzer and its like none of you even care

@andreafioraldi Congratulations! Also, for the rest of your life, every appointment is a doctor's appointment 🥳

Today some people told me that I got a Ph.D. degree, finally many important doctors like Dr. Dre, Dr. Doom, Dr. Who, Dr. House and Dr. Jekyll are my peers.

I gave Claude 3 the entire source of a small C GIF decoding library I found on GitHub, and asked it to write me a Python function to generate random GIFs that exercised the parser. Its GIF generator got 92% line coverage in the decoder and found 4 memory safety bugs and one hang.

New Lucid development blogpost, Episode #3 in the series. We were able to finally build Bochs -static-pie with a custom Musl toolchain. Executing Bochs now, we implemented a simple MMU and emulated File I/O. Some other details on some refactoring included: h0mbre.github.io/Loading_Bochs/#

New blog post about implementing syscall sandboxing to keep a test program from interfacing with the kernel via changes to Musl. We implement our own context-switching routine and handle the syscalls in the fuzzer. Next we'll sandbox Bochs & do snapshots h0mbre.github.io/Lucid_Context_…

@0xTib3rius @endingwithali I'll be there tomorrow! First time going 🎉

I'm first in line for registration with @endingwithali. 🤣 #ShmooCon

@M0nk3H I'll be there Saturday for sure, possibly Sunday

Snagged shmoocon tickets! I’m so stoked!! Who else is going? #shmoocon

@inCIDRthreat @shmoocon Heck yeah!

@epi052 @shmoocon You know it!!!

Was able to get a ticket for @shmoocon 🎉 anyone I know going?