HN Security

[1] mariusmue.com/research/2025-… by @danielklischies @nSinusR @noopwafel et al. [2] binarly.io/blog/another-c… by @binarly_io [3] evilsocket.net/2025/12/18/TP-… by @evilsocket [4] hnsecurity.it/blog/streamlin… by @0xdea [5] zionbasque.com/files/papers/d… by @mahal0z @AnantaSoneji @adamdoupe et al. [6] onekey.com/resource/how-w… by @onekey_sec @qkaiser

happy new year 🚀 once again, I want to kick off the year by sharing some of my favorite firmware & low-level security research of 2025: BaseBridge: Bridging the Gap between Over-The-Air and Emulation Testing for Cellular Baseband Firmware [1] Another Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot Bypass [2] TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy in the Era of AI Assisted Reverse Engineering [3] Streamlining vulnerability research with IDA Pro and Rust [4] An Empirical Study of Human–LLM Teaming in Software Reverse Engineering [5] Understanding RTOS Firmware [6]

In this latest article in our long-running series on #BurpSuite #Extension #Development, @apps3c illustrates how to extend the Active and Passive Scanner in your favorite #WebApplication #PenetrationTesting tool with Custom Scan Checks: hnsecurity.it/blog/extending… Check it out!

Hey developers and vulnerability researchers! I'm working on improving my C/C++ #Semgrep ruleset, and I've just published the v1.1.0 release: github.com/0xdea/semgrep-… Please test it inside and out, open issues or submit PRs. Aiming for a major release sometime before spring.

Our senior security analyst @0x_nope has published a follow-up to his popular #Groovy Template Engine #Exploitation writeup: hnsecurity.it/blog/groovy-te… Check out some new practical exploitation tricks that he figured out while working on a real-world scenario.

I released an updated version of Brida (0.6), fully compatible with @fridadotre >= 17! You can download the new release from GitHub and soon from the @Burp_Suite BAppStore. hnsecurity.it/blog/brida-0-6…

#Brida 0.6 is here! The bridge between #BurpSuite and #Frida is now fully compatible with Frida 17+. For users who still rely on older Frida versions, Brida 0.6pre remains available on GitHub. hnsecurity.it/blog/brida-0-6… Coming soon to the BApp Store (pending approval).

If you’re into #ReverseEngineering, #VulnerabilityResearch, or #Rust, don’t miss @0xdea’s latest: Streamlining Vulnerability Research with the idalib Rust Bindings for IDA 9.2 💻 🦀 Now live on our restyled blog! hnsecurity.it/blog/streamlin…

It’s a real pleasure to be featured in the @HexRaysSA blog! Thanks for having me.

👉 Check out this guest post from Marco Ivaldi (@0xdea), where he walks through using idalib’s Rust bindings with IDA 9.2 to streamline vulnerability research. Worth a read for anyone in security. eu1.hubs.ly/H0nDBn40

I've updated my #VulnerabilityResearch and #ReverseEngineering tools to use the latest version of @binarly_io #idalib #Rust bindings, which support @HexRaysSA IDA Pro 9.2 and their freshly open-sourced SDK. github.com/0xdea/rhabdoma… github.com/0xdea/haruspex github.com/0xdea/augur

@orange_8361 @guitmz So great to see all your efforts finally being rewarded, congrats! Your article strongly resonates with me, it’s an impressive peek into your mind and an inspiring perspective on CTFs and hacking in general, packed with hidden gems 💎

Turns out my #PHRACK article is live! 🔥 > The Art of PHP — My CTF Journey and Untold Stories! Kinda a love letter to those CTF players & PHP nerds! Hope all the credit goes to the right ppl. Also huge thanks to @0xdea for not forgetting me, @guitmz for the edits, and the @Phrack crew for keeping it real! 🎉 #article" target="_blank" rel="nofollow noopener">phrack.org/issues/72/5_md…

At long last - Phrack 72 has been released online for your reading pleasure! Check it out: phrack.org

Always happy news to see my work spark new joy. In this case, my @semgrep ruleset at github.com/0xdea/semgrep-…. Congrats to @trailofbits and best wishes for a wonderful career to Will 👍

In our last post, @apps3c shares some PoCs of GenAI/LLM security issues found in real-world assessments conducted for corporate clients, with a focus on vulnerabilities that can be exploited to gain unauthorized access to data, resources, and services. security.humanativaspa.it/attacking-gena…

Today I’m celebrating one year of #Rust! 🦀 I started learning it last summer, and since then, I’ve pretty much stopped programming in any other language. I’ve documented my journey in this series of articles: security.humanativaspa.it/tag/rust/ Here’s to many more years with Rust! 🥂

I'm pleased to announce a new version of the Rust bindings for @HexRaysSA IDA Pro! With: - Improved strings, metadata, and core APIs - Support for the name API Thank you to @0xdea & @williballenthin for contributing! Docs: idalib.rs Code: git.idalib.rs

🔍 Durante un assessment, Gianluca Baldi di @hnsec ha individuato una vulnerabilità ad alto impatto nella Microsoft Graph API: un bug che gli è valso un bounty da 3.000$! 🔗 security.humanativaspa.it/export-to-pdf-… 🟠 #HumanativaGroup #HNSecurity #CyberSecurity #BugBounty #Microsoft365

As an old fart in #xdev, I often get asked how to get into binary exploitation in 2025. I looked around, and here’s my recommendation: pwn.college #pwncollege is a huge collection of free #lectures and practical #challenges maintained by a team of #hackers at @ASU.