André Lima
@0x4ndr3.bsky.social
Exploit dev (windows) + Windows Internals + RE + Fuzzing
Reposted by André Lima
Write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitation
github.com/0xor0ne/awes...
#infosec #cybersecurity
github.com/0xor0ne/awes...
#infosec #cybersecurity
January 24, 2025 at 5:40 PM
Write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitation
github.com/0xor0ne/awes...
#infosec #cybersecurity
github.com/0xor0ne/awes...
#infosec #cybersecurity
Reposted by André Lima
Exploits TOCTOU at hardware level in order to bypass secure boot
www.onekey.com/resource/mak...
#infosec #embedded
www.onekey.com/resource/mak...
#infosec #embedded
December 9, 2024 at 11:17 PM
Exploits TOCTOU at hardware level in order to bypass secure boot
www.onekey.com/resource/mak...
#infosec #embedded
www.onekey.com/resource/mak...
#infosec #embedded
Reposted by André Lima
Collection of write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitation
github.com/0xor0ne/awes...
#infosec #cybersecurity
github.com/0xor0ne/awes...
#infosec #cybersecurity
December 7, 2024 at 9:11 PM
Collection of write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitation
github.com/0xor0ne/awes...
#infosec #cybersecurity
github.com/0xor0ne/awes...
#infosec #cybersecurity
Reposted by André Lima
Attacking hypervisors - A practical case : www.reversetactics.com/publications...
Slides : www.reversetactics.com/docs/conf/20...
Slides : www.reversetactics.com/docs/conf/20...
November 26, 2024 at 9:43 AM
Attacking hypervisors - A practical case : www.reversetactics.com/publications...
Slides : www.reversetactics.com/docs/conf/20...
Slides : www.reversetactics.com/docs/conf/20...
Reposted by André Lima
Browser Exploitation Workshop : www.youtube.com/live/b9Ohamk...
Slides : zerodayengineering.com/research/sli...
Slides : zerodayengineering.com/research/sli...
YouTube
Share your videos with friends, family, and the world
www.youtube.com
November 24, 2024 at 12:46 PM
Browser Exploitation Workshop : www.youtube.com/live/b9Ohamk...
Slides : zerodayengineering.com/research/sli...
Slides : zerodayengineering.com/research/sli...
Reposted by André Lima
Exploit-Street : Complete list of LPE exploits for Windows (starting from 2023) : github.com/MzHmO/Exploi...
GitHub - MzHmO/Exploit-Street: Complete list of LPE exploits for Windows (starting from 2023)
Complete list of LPE exploits for Windows (starting from 2023) - MzHmO/Exploit-Street
github.com
November 24, 2024 at 12:49 PM
Exploit-Street : Complete list of LPE exploits for Windows (starting from 2023) : github.com/MzHmO/Exploi...
Reposted by André Lima
Introduction to bypass techniques for anti-cheat and EDR systems
Credits Mark Lester Dampios
whiteknightlabs.com/2024/02/09/a...
#edr
Credits Mark Lester Dampios
whiteknightlabs.com/2024/02/09/a...
#edr
May 3, 2024 at 7:17 AM
Introduction to bypass techniques for anti-cheat and EDR systems
Credits Mark Lester Dampios
whiteknightlabs.com/2024/02/09/a...
#edr
Credits Mark Lester Dampios
whiteknightlabs.com/2024/02/09/a...
#edr
Reposted by André Lima
May 6, 2024 at 9:09 AM
Reposted by André Lima
#HackerNews daily:
Today - fuzzers! I really like fuzzing as a concept for vulnerability research, and this blog explores how to successfully conduct a fuzzing research on an open source project.
Good read!
blog.trailofbits.com/2024/10/31/f...
Today - fuzzers! I really like fuzzing as a concept for vulnerability research, and this blog explores how to successfully conduct a fuzzing research on an open source project.
Good read!
blog.trailofbits.com/2024/10/31/f...
Fuzzing between the lines in popular barcode software
By Artur Cygan Fuzzing—one of the most successful techniques for finding security bugs, consistently featured in articles and industry conferences—has become so popular that you may think most impo…
blog.trailofbits.com
November 24, 2024 at 4:30 PM
#HackerNews daily:
Today - fuzzers! I really like fuzzing as a concept for vulnerability research, and this blog explores how to successfully conduct a fuzzing research on an open source project.
Good read!
blog.trailofbits.com/2024/10/31/f...
Today - fuzzers! I really like fuzzing as a concept for vulnerability research, and this blog explores how to successfully conduct a fuzzing research on an open source project.
Good read!
blog.trailofbits.com/2024/10/31/f...
Reposted by André Lima
Just published a blog post about some critical vulnerabilities I discovered in Wazuh last year! The post covers details on how I found these vulnerabilities and highlights why security tools like EDRs can themselves become valuable targets for attackers.
#infosec
neodyme.io/en/blog/wazu...
#infosec
neodyme.io/en/blog/wazu...
From Guardian to Gateway: The Hidden Risks of EDR Vulnerabilities
Explore the hidden risks within security software as we dive into vulnerabilities of Wazuh, a popular EDR solution.
This post reveals how even trusted tools can become targets, highlighting the import...
neodyme.io
November 22, 2024 at 4:52 PM
Just published a blog post about some critical vulnerabilities I discovered in Wazuh last year! The post covers details on how I found these vulnerabilities and highlights why security tools like EDRs can themselves become valuable targets for attackers.
#infosec
neodyme.io/en/blog/wazu...
#infosec
neodyme.io/en/blog/wazu...
Reposted by André Lima
If you are a OWASP leader, get in touch with @joshcgrossman.com to get added to the #OWASP starter pack.
BlueSky Directory - useful website to find people to follow. Try searching for 'OWASP' to find your friendly #OWASP community:
blueskydirectory.com/starter-pack...
blueskydirectory.com/starter-pack...
Bluesky Starter Packs - Bluesky Directory
Browse a list of Bluesky Starter Packs. Discover and connect with your community on Bluesky
blueskydirectory.com
November 24, 2024 at 11:40 AM
If you are a OWASP leader, get in touch with @joshcgrossman.com to get added to the #OWASP starter pack.