Fabien J.

Had a lot of fun reversing Coruna over the last couple weeks and decided it would be worth to write it all up before I forget - so enjoy :) littlelailo.github.io/writeups/corun…

15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal. github.com/F2u0a0d3/goodb…

Find zero-days while you sleep. DeepZero is an automated vulnerability research framework that parses, decompiles, and analyzes thousands of Windows kernel drivers for exploitable IOCTLs natively using AI agents. github.com/416rehman/Deep…

How Browser Exploits Work: A Case Study of CVE-2025-43529 (DarkSword iOS Chain) 8ksec.io/how-browser-ex…

I've been building libghidra: a typed SDK for automating Ghidra from C++, Python, and Rust (mainly for AI agents). Decompile, rename, comment, inspect symbols/types/xrefs, save, close, and reopen projects from code. Treat Ghidra like infrastructure, not just a GUI. Under the hood this is a typed API surface over a Ghidra host/extension. The same core workflows exist across C++, Python, and Rust, so you can use it for quick scripts, larger pipelines, or native tooling. 1/n

Needle in the haystack: LLMs for vulnerability research - @0xAsm0d3us devansh.bearblog.dev/needle-in-the-…

Chrome V8 Security Research: A Step-by-Step Introduction to Browser Architecture & Fundamentals PDF:- exploitreversing.com/wp-content/upl…

SOMEONE DROPPED A FULLY JAILBROKEN, OPEN-SOURCE, PRE-BUILT IOS 26 VIRTUAL MACHINE Repo: github.com/34306/vphone-a…

Introducing the Rootkit Techniques Matrix and updates to the Guide aibaranov.github.io/rootkit-matrix/

Illuminating VoidLink: Technical analysis of the VoidLink rootkit framework Analysis of the leaked rootkit source code complements those findings by providing a deep technical look at the kernel-level subsystem that underpins VoidLink's concealment capabilities. elastic.co/de/security-la…

We analyzed the Coruna exploit kit and found intriguing code overlaps with Operation Triangulation. Full analysis on our blog: link below.

Using Local LLM and Ghidra to analyze malware (Part 2) discounttimu.substack.com/p/using-local-…

An automated N-day research pipeline at PwnFuzz. Ghidra + Ollama + n8n →Diffs Patch Tuesday binaries → LLM analyzes the output → Structured vuln reports, monthly AI-generated reports gets you oriented fast! Blog: ghostbyt3.github.io/blog/nday-rese… Repo: github.com/ghostbyt3/nday…

This is awesome to see @Microsoft publish - "RustTraining". The link is in the comment below - check it out!! Just a small selection of cool things that caught my eye: - Production Async - Concurrency & Runtime - Why C/C++ Developers Need Rust - no_std — Rust Without the Standard Library - The Case for Rust for C# Developers - Systems & Production - Unsafe Rust - Controlled Danger - Phantom Types - Protocol State Machines And lots lots more.. going to spend some time going through this, looks like they have put a lot of work into it!

Looks like opa334 has extracted the kernel exploit github.com/opa334/darkswo…

In this blog from our Mobile Malware series breaks down Xenomorph, an Android banking trojan that loads its DEX payload via JNI, bypassing standard DexClassLoader to evade hooks. Tools: JADX, Simplify, Medusa (Frida), Ghidra 8ksec.io/mobile-malware…

Lookout's LLM-assistance findings in DarkSword iOS exploit kit: a source-by-source breakdown of what each research team actually said blog.barrack.ai/darksword-llm-…

here we go again, new iOS full-chain exploit dubbed DarkSword targeting entities in Ukraine, Saudi Arabia, Turkey, and Malaysia via compromised domains iverify.io/blog/darksword… , cloud.google.com/blog/topics/th… , lookout.com/threat-intelli…

KslDump - Extraction of credentials from PPL-protected LSASS using only Microsoft-signed components github.com/andreisss/KslD…

New blog post: Building a Pipeline for Agentic Malware Analysis Agentic RE + malware analysis with custom skills, MCP tooling, and persistent case state to automate intial triage Link: synthesis.to/2026/03/18/age… Github: github.com/mrphrazer/agen…