Introduction | heap-exploitation

Lazy sunday literature: Heap Exploitation

heap-exploitation.dhavalkapil.com/introduction

#ctf #cybersecurity #heap #malloc #exploits #glibc

Domo kitten

My (belated) contribution for the recent di.day: Providing instructions for users to switch from Discord to the (long existing) IRC servers at www.OverTheWire.org:

overthewire.org/information/...

#ctf #cybersecurity #di #dutgemacht #diday #overthewire #wargames #irc

Save the date: ibug 2026 - 10-jähriges Jubiläum:

Sa 22.08.2026: 10:00 Geocaching-Event:
ibug 2026 (GCBKXVZ), 03525 Riesa

Event-Publish erfolgt reichtzeitig. Fühlt euch eingeladen!

#geocaching #ibug #streetart #lostplace

pwning NetBSD-aarch64 (ARM)
- www.feyrer.de/NetBSD/blog....

#pwn #binaryexploitation #ctf #cybersecurity #pwntools #gdb #netbsd #arm #aarch64

(venv-pwn) qnetbsd$ uname -a
NetBSD qnetbsd 11.0_RC2 NetBSD 11.0_RC2 (GENERIC64) #0: Wed Mar 4 21:02:00 UTC 2026 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/evbarm/compile/GENERIC64 evbarm

(venv-pwn) qnetbsd$ python3 -c 'from pwn import * ; p = b"A" * 16 + p64(0x2001009f4); sys.stdout.buffer.write(p)' | ./win2
What is your name? Hello AAAAAAAAAAAAAAAA�
Goodbye, winner.

This afternoon's fun: pwning NetBSD-aarch64 (ARM)

[details in comments - why is there such a small limit in Bluesky?]

#pwn #netbsd #binaryexploitation #arm #aarch64 #pwntools #gdb

looks very interesting - thanks for the great work!
Now where do I find time to play with this? :)

GitHub - vulhunt-re/vulhunt: Vulnerability detection framework by Binarly's REsearch team Vulnerability detection framework by Binarly's REsearch team - vulhunt-re/vulhunt

VulHunt: vulnerability detection framework

github.com/vulhunt-re/v...

Accompanying blog series:

www.binarly.io/blog/vulhunt...
www.binarly.io/blog/vulhunt...
www.binarly.io/blog/vulnera...
www.binarly.io/blog/vulhunt...
www.binarly.io/blog/agentic...

#infosec

MCP is the new HTTP :-)

Testdriving NetBSD-11.0RC2 on ARM hardware (in VM!)

www.feyrer.de/NetBSD/blog....

#netbsd #arm #qemu

What a hell of a challenge!

🎉 Successfully completed Yansanity (Easy)! 🎉
🎉 Successfully completed Yansanity (Hard)! 🎉

Did you ever reverse-engineer a CPU & operating system where you didn't know the instruction opcodes, registers, CPU flags, syscall numbers etc.?

#pwncollege #ctf #y85

... and obviously the image was hand-generated, as AI totally failed on me to make this one pretty

#contentsbeforedesign

3/3

3. The middle is getting thinner.
Due to reduction of skilled work force, the (human) skill gap will increase.

My open question:
How do we train future experts so we don’t lose as people and as a society?

How do you see this development in your field?

2/x

1. More people achieve better results.
AI raises the baseline significantly. That’s a good thing.

2. True expertise is becoming even scarcer and more difficult.
Who will understand training data, models, and system behavior deeply enough to improve them?

1/3

Irony of the day:
I’m writing this post with AI, musing about how AI is changing our society.

I currently observe three effects:

#AI #Skills #FutureOfWork #Learning #Leadership #Productivity

No more nodejs/npm/ts crap, smolClaw is now based on picoclaw github.com/NetBSDfr/smo...

Frage mich immer warum ihr alle euren Pessimismus hier so abfeiert. Macht ihr das draußen auch so?

Wäre mehr für Goodnews, Geschichten über coole Menschen, die was weiterbringen etc.

Geht das? 😘

"Computer, what's new?" - why search for news and filter what's (not) interesting, if OpenClaw can do that with my "hfnews" skill.

Enjoy: clawhub.ai/huberteff/hf...

#ai #clawbot #openclaw #hfnews #stopwords #news #agenticai

Binary patching in ghidra in three easy steps:
1) Clear ghidra's idea of what the bytes are
2) Inspect the raw bytes and plan with what to overwrite
3) Overwrite e.g. with NOP and see ghidra eliminate an if-clause

#ctf #cybersecurity #ghidra #binaryreverseengineering #patch

What do stack canaries dream of?

#ctf #cybersecurity #x86 #stack #canary

39C3: Congress Everywhere Auch in diesem Jahr bieten wieder Hackspaces und andere Orte die Möglichkeit, gemeinsam Vorträge zu streamen, zu hacken, Party zu machen und mehr. Der Congress ist überall, wo er gelebt wird. Dabei…

Auch 2025 bieten wieder Hackspaces und andere Orte die Möglichkeit, gemeinsam Vorträge zu streamen, zu hacken, Party zu machen und mehr. Der #39C3 ist überall, wo er gelebt wird: Congress Everywhere events.ccc.de/2025/12/20/3...

CTF Writeup: pwn.college - Advent of Pwn 2025

pwn.college is an educational cybersecurity platform by Arizona State University. Their Advent of Pwn 2025 released one challenge per day during December.

www.feyrer.de/CTF/CTF-Writ...

#ctf #cybersecurity #pwncollege #adventofpwn

Work hard, play hard - die letzten zwei Tage beruflich beim project networks Strategiegipfel Cybersecurity.

#cybersecurity #cyberresilience

Offensive Security - Researcher - Jobs - Careers at Apple Apply for a Offensive Security - Researcher job at Apple. Read about the role and find out if it’s right for you.

Apple SEAR is hiring offensive security researchers!

We’re looking for talented researchers across multiple areas of security.

Check out the job description here:
jobs.apple.com/en-us/detail...

Feel free to reach out if you have any questions.

#infosec

"Challenges and Pitfalls while Emulating Six Current Icelandic Household Routers"

Evaluation of different tools for routers firmware emulation
(FACT, QEMU, EMUX, Qiling, Firmadyne, FAT, FirmAE, Pandawan, and EMBA)

skemman.is/bitstream/19...

#cybersecurity #embedded

Frame Maker 🔥

Ursprünglicher Beitrag: 23.social/@linuzifer/1...

So what working alternatives are there?

Ursprünglicher Beitrag: bsd.network/@imil/114317...