buherator
@buherator.bsky.social
"I'm interested in all kinds of astronomy."
https://scrapco.de
Mostly cross-posting from Fediverse: @[email protected]
https://scrapco.de
Mostly cross-posting from Fediverse: @[email protected]
When giving #infosec advice it's easy to forget that the average person probably only knows about Uniform resource Locators and the Domain Name System.
And Public Key Infrastructure of course.
Original->
And Public Key Infrastructure of course.
Original->
November 27, 2025 at 6:08 AM
When giving #infosec advice it's easy to forget that the average person probably only knows about Uniform resource Locators and the Domain Name System.
And Public Key Infrastructure of course.
Original->
And Public Key Infrastructure of course.
Original->
VSCode doesn't know the powers I possess!
Original->
Original->
November 26, 2025 at 2:37 PM
VSCode doesn't know the powers I possess!
Original->
Original->
November 23, 2025 at 5:24 PM
Thanks @pancake for the swag!
Original->
Original->
November 22, 2025 at 2:55 PM
Thanks @pancake for the swag!
Original->
Original->
User-friendly GUI: please provide command line parameters in this text box!
Me, knowing that one of characters will need escaping:
Original->
Me, knowing that one of characters will need escaping:
Original->
November 21, 2025 at 2:08 PM
User-friendly GUI: please provide command line parameters in this text box!
Me, knowing that one of characters will need escaping:
Original->
Me, knowing that one of characters will need escaping:
Original->
November 11, 2025 at 3:51 PM
This article highlights how much control endpoint security vendors have over customer machines, and transitively over companies and maybe even nations:
www.huntress.com ->
You only install this stuff, because you trust the vendor
1/2
www.huntress.com ->
You only install this stuff, because you trust the vendor
1/2
November 11, 2025 at 11:42 AM
This article highlights how much control endpoint security vendors have over customer machines, and transitively over companies and maybe even nations:
www.huntress.com ->
You only install this stuff, because you trust the vendor
1/2
www.huntress.com ->
You only install this stuff, because you trust the vendor
1/2
November 9, 2025 at 7:05 PM
I'm old enough to remember years ago comrades predicting the inevitable fall of software and services which work just fine today.
Original->
Original->
November 9, 2025 at 11:34 AM
I'm old enough to remember years ago comrades predicting the inevitable fall of software and services which work just fine today.
Original->
Original->
As a result of working on r4ghidra I set the ambitious goal to create REshare, an exchange format for #ReverseEngineering tools:
github.com ->
The code is still in its early days (literally) but the fact that it works with complex, real life binaries tells
1/2
github.com ->
The code is still in its early days (literally) but the fact that it works with complex, real life binaries tells
1/2
October 24, 2025 at 6:46 PM
As a result of working on r4ghidra I set the ambitious goal to create REshare, an exchange format for #ReverseEngineering tools:
github.com ->
The code is still in its early days (literally) but the fact that it works with complex, real life binaries tells
1/2
github.com ->
The code is still in its early days (literally) but the fact that it works with complex, real life binaries tells
1/2
My talk about integrating #ReverseEngineering tools is to be broadcasted in a couple of hours for #r2con2025:
rada.re ->
I'll release a ton of code and will be around on Discord for questions and comments.
Original->
rada.re ->
I'll release a ton of code and will be around on Discord for questions and comments.
Original->
October 24, 2025 at 8:50 AM
My talk about integrating #ReverseEngineering tools is to be broadcasted in a couple of hours for #r2con2025:
rada.re ->
I'll release a ton of code and will be around on Discord for questions and comments.
Original->
rada.re ->
I'll release a ton of code and will be around on Discord for questions and comments.
Original->
Thanks to @disasmwinnie now you'll lose a bit less hair when testing Oracle Forms:
github.com ->
#pentesting
Original->
github.com ->
#pentesting
Original->
October 23, 2025 at 4:16 PM
Thanks to @disasmwinnie now you'll lose a bit less hair when testing Oracle Forms:
github.com ->
#pentesting
Original->
github.com ->
#pentesting
Original->
September 29, 2025 at 3:21 PM
/me trying hard not to antropomorphise the LLM
Original->
Original->
September 23, 2025 at 2:48 PM
/me trying hard not to antropomorphise the LLM
Original->
Original->
I combined DEVCORE's CVE-2024-35250 with the CVE-2024-30084 double fetch bug and the Cloud Filter memory trap technique by @tiraniddo to achieve reliable LPE without device requirements on Win10 VMs.
scrapco.de ->
Original->
scrapco.de ->
Original->
August 28, 2025 at 7:43 AM
I combined DEVCORE's CVE-2024-35250 with the CVE-2024-30084 double fetch bug and the Cloud Filter memory trap technique by @tiraniddo to achieve reliable LPE without device requirements on Win10 VMs.
scrapco.de ->
Original->
scrapco.de ->
Original->
Hi, I'm your favorite security vendor, welcome to...
August 16, 2025 at 3:09 PM
Hi, I'm your favorite security vendor, welcome to...
Fun fact: the #Ghidra API is quite consistent in naming methods according to the data types they accept/return, but HighVariables are returned from Varnodes via getHigh()
Original->
Original->
August 16, 2025 at 11:43 AM
Fun fact: the #Ghidra API is quite consistent in naming methods according to the data types they accept/return, but HighVariables are returned from Varnodes via getHigh()
Original->
Original->