Ajax

#Miasm, the reverse engineering framework in Python, has a new home: github.com/cea-sec/miasm ! Asm/Dis, IR translation, Emul, Symbolic exec…

Nous sommes à la recherche de volontaires pour réaliser le challenge SSTIC 2025 ! Si vous êtes intéressé vous pouvez retrouver les informations pour nous contacter sur sstic.org ! Bonne fêtes ☃️

Even if it works for some (old) commercial packers, it seems that nowadays malware authors prefer one-time & custom packers... So likely not that useful, but still fun to make 🤷

github.com/commial/experi… Little experiment about reusing Windows Defender built-in unpackers, mostly for fun (based on the very useful @taviso's loadlibrary)

The SSTIC challenge 2024 is now opened and english friendly! You can find it here : sstic.org/2024/challenge! Good luck!

Do you wish Time Travel Debugging was faster and more lightweight? Our latest version lets you decide exactly what you want recorded! Select modules to record or use the API for full control. Get your recording just the way you like it. Crusts optional. aka.ms/ttd

Write up of the HVCI bypass vuln (CVE-2024-21305) with @aall86 ! tandasat.github.io/blog/2024/01/1…

L’@ANSSI_FR lance #Hackropole 🏛 une plateforme regroupant la quasi-totalité des épreuves du France Cybersecurity Challenge #FCSC. 🇫🇷 🏆 Une centaine d’épreuves est déjà disponible ! 💪 🚀Rendez-vous dès maintenant sur : cyber.gouv.fr/actualites/lan… #ANSSI #numérique #FCSC #ECSC

First big result from our new CPU research project, a use-after-free in AMD Zen2 processors! 🔥 AMD have just released updated microcode for affected systems, please update! lock.cmpxchg8b.com/zenbleed.html

Honored to be invited to speak at @sstic today. Stream my talk “Deep Attack Surfaces, Shallow Bugs” here: streaming.sstic.org

La billetterie de SSTIC 2023 ouvrira demain, le 13 avril à 10h00. Retrouvez les instructions sur sstic.org/2023/news/insc…

A short🧵 detailing a Kerberos LPE I discovered while working with @tiraniddo on our BlackHat research. msrc.microsoft.com/update-guide/v… (CVE-2023-21817) This was fixed in Feb, but I think some will find the vulnerability & exploitation interesting. 1/

Le challenge sera publié ce vendredi 31 mars à 19h00, heure de Paris à l'adresse suivante : sstic.org/2023/challenge/ À vos marques !

Le programme est disponible : sstic.org/2023/programme/ ! La billetterie ouvrira dans les prochaines semaines.

If you use @obsdmd for your #pentest / #redteam or #threatintel notes, you might be interested in the IVRE community plugin for #Obsidian, that uses data from IVRE to enrich your notes. Get it from Obsidian (in community plugins, look for "ivre") or see github.com/ivre/obsidian-…

Comment bien commencer la nouvelle année ? En soumettant à SSTIC ! Vous avez jusqu'au 30 janvier. Toutes les infos : sstic.org/2023/cfp/

My first blog post about analyzing windows defender is out! Fuzzing the Shield: CVE-2022–24548 - medium.com/s2wblog/fuzzin…

The results are out! We are very honoured to have won first place🥇in the Hex-Rays plugin contest 2022 🎉 Our entry was "ttddbg", a time-travel debugging plugin for IDA already presented at #SSTIC 2022. Many congratulations to all the other entrants!

@Void_Sec Yep, thanks for the teamwork!

First place at SANS #SEC760 CTF; it would not have been possible withouth my teammate @commial

New release of github.com/commial/ttd-bi…, featuring more API wrapping (thanks @citronneur), and new examples: coverage (LightHouse compatible) and a trace producer for the awesome Tenet plugin (cc @gaasedelen)

@noraj_rawsec @botherder @tenacioustek @amnesty @mtth_bfft @colinoflynn @newaetech Merci pour la quote, mais je ne suis pas le deuxième auteur d'ADELEG (je présentais plutôt TTD en rump) . Il s'agit d'aurelien, qui n'a pas de compte oiseau ;)

📌 MVT by @botherder and @tenacioustek at @amnesty 📌 ADeleg by @mtth_bfft and @commial 📌 ChipWhisperer by @colinoflynn at @newaetech

J'ai ajouté tous les outils FLOSS qui ont été mentionnés en cette 1ere journée du #SSTIC 2022 au #Rawsec Inventory (cf. thread). J'ai pu en louper donc n'hésitez pas à PR. inventory.raw.pm @sstic