🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

RUMOURS are TRUE 🤷‍♀️ PHRACK will be releasing a SPECIAL #71.5 👉HARDCOVER👈 offensivecon BERLIN ("The 𞅀-Day Edition"). Main #72 release THIS SUMMER at MULTIPLE conferences (main release at WHY2025). ❤️

On this episode of The BlueHat Podcast, we’re joined by Marco Ivaldi ([email protected]), co-founder of HN Security and a veteran of the security research community. Marco shares his journey from teenage hacker in the '80s to bug bounty hunter, including his experience at Microsoft’s Zero

If you care about securing legacy systems and staying ahead in bug bounty, don’t miss this episode with [email protected] on The BlueHat Podcast.

It’s been a real pleasure, thank you for having me at the Microsoft BlueHat #podcast!

It’s been a real pleasure, thank you for having me at the Microsoft BlueHat #podcast!

How was it like to attend the exclusive #ZeroDayQuest event? How did a Unix hacker even qualify in the first place? How can you become one of the Security Response MVRs?   Our [email protected] answers these and other questions in his latest article: security.humanativaspa.it/my-zero-day-qu…

We're are happy to announce a new release of our #Rust bindings for Hex-Rays SA idalib. What's new: - New APIs for working with IDBs, segments, and more - Rust 2024 support - New homepage: idalib.rs H/T to our contributors Yegor & [email protected] github.com/binarly-io/ida…

new idalib release! for folks interested in writing headless analysis scripts for IDA in rust, I can recommend [email protected]'s blog post with some neat example use cases: security.humanativaspa.it/streamlining-v…

And here are the latest #VulnerabilityResearch and #ReverseEngineering tools that I wrote in #Rust github.com/0xdea/rhabdoma… github.com/0xdea/haruspex github.com/0xdea/augur github.com/0xdea/oneiroma… Make sure to check the accompanying HN Security blog posts for additional details 🪲🎯

Exploring fault injection on ESP32 V3! Inspired by Delvaux work, we tested voltage #glitching as an attack vector. With advanced triggers & GDB, we achieved a ~1.5% success rate. #Hardware #FaultInjection is becoming more practical! security.humanativaspa.it/fault-injectio…

Happy to see our research replicated and dug even further! We did it with EMFI, HN Security did it with Voltage glitching. But the beauty also lies in the systematic approach and rigorous thinking. It's rare to see such a high quality research in the field of #faultinjection.

And, of course, credit goes to inode for this outstanding research.

Releasing this fun tool Golem based on [email protected], LLVM, LLM and Semgrep Golem automates C/C++ vulnerability discovery by combining Semgrep rule scans, LLVM call-graph & CFG slicing, and AI-driven context analysis. Tool: github.com/20urc3/golem Article: bushido-sec.com/index.php/2025…

Another Week, Another EXPLOITS CLUB 📰 --- 🎉 Binja giveaway: sign up to support the newsletter 🎉 --- Tesla wall charger falls to Synacktiv Bugscale pops a Chrome bug BINARLY🔬 Secure Boot bypass RCE from watchTowr + Jobs & MORE 👇 blog.exploits.club/exploits-club-…

Our FI training #TAoFI is, in itself, a broad experiment in porting FI attacks across different techniques, from EMFI to VCC glithching. More on the process in our latest bog post: raelize.com/blog/espressif… And for the real experience, just join #TAoFI: raelize.com/training/

My #idalib based tools are featured in the latest Hex-Rays SA blog! hex-rays.com/blog/4-powerfu…

Power users are taking IDA headless with idalib. Think large-scale diffing, custom UIs, and CI pipelines... all without launching a GUI. 💡 Get inspired: eu1.hubs.ly/H0lkrQl0

In our last blog post, our colleague Gianluca shares the story of a lucky discovery: a bug initially spotted during a routine assessment turned out to be a high impact vulnerability in Microsoft Graph API — earning a $3,000 bounty. security.humanativaspa.it/export-to-pdf-…

As an old fart in #xdev, I often get asked how to get into binary exploitation in 2025. I looked around, and here’s my recommendation: pwn.college #pwncollege is a huge collection of free #lectures and practical #challenges maintained by a team of #hackers at Arizona State University.