Alexandre Borges
@alexandreborges.bsky.social
Vulnerability Researcher | Exploit Developer (speaker 3x at DEF CON)
Pinned
So far, I have already written 15 articles (1045 pages), which have been published on my blog:
blog: exploitreversing.com
Series:
[+] ERS: Exploiting Reversing Series
[+] MAS: Malware Analysis Series
Enjoy reading and have a great day.
#windows #iOS #macOS #chrome #kernel #vulnerability
blog: exploitreversing.com
Series:
[+] ERS: Exploiting Reversing Series
[+] MAS: Malware Analysis Series
Enjoy reading and have a great day.
#windows #iOS #macOS #chrome #kernel #vulnerability
From Coverage to Causes: Data-Centric Fuzzing for JavaScript Engines:
(paper) arxiv.org/pdf/2512.18102
(project) github.com/KKGanguly/Da...
#fuzzing #vulnerability #javascript #exploitation #llm
(paper) arxiv.org/pdf/2512.18102
(project) github.com/KKGanguly/Da...
#fuzzing #vulnerability #javascript #exploitation #llm
December 27, 2025 at 1:07 AM
From Coverage to Causes: Data-Centric Fuzzing for JavaScript Engines:
(paper) arxiv.org/pdf/2512.18102
(project) github.com/KKGanguly/Da...
#fuzzing #vulnerability #javascript #exploitation #llm
(paper) arxiv.org/pdf/2512.18102
(project) github.com/KKGanguly/Da...
#fuzzing #vulnerability #javascript #exploitation #llm
Callback hell: abusing callbacks, tail-calls, and proxy frames to obfuscate the stack:
klezvirus.github.io/posts/Callba...
#cybersecurity #infosec #windows #reverseengineering #programming
klezvirus.github.io/posts/Callba...
#cybersecurity #infosec #windows #reverseengineering #programming
December 23, 2025 at 5:26 PM
Callback hell: abusing callbacks, tail-calls, and proxy frames to obfuscate the stack:
klezvirus.github.io/posts/Callba...
#cybersecurity #infosec #windows #reverseengineering #programming
klezvirus.github.io/posts/Callba...
#cybersecurity #infosec #windows #reverseengineering #programming
Announcing hardware-accelerated BitLocker:
techcommunity.microsoft.com/blog/windows...
#crypto #cybersecurity #infosec #informationsecurity #hacking #bitlocker
techcommunity.microsoft.com/blog/windows...
#crypto #cybersecurity #infosec #informationsecurity #hacking #bitlocker
Announcing hardware-accelerated BitLocker - Windows IT Pro Blog
BitLocker takes advantage of the latest and modern SoC and CPU capabilities for better performance and security.
techcommunity.microsoft.com
December 23, 2025 at 3:51 AM
Announcing hardware-accelerated BitLocker:
techcommunity.microsoft.com/blog/windows...
#crypto #cybersecurity #infosec #informationsecurity #hacking #bitlocker
techcommunity.microsoft.com/blog/windows...
#crypto #cybersecurity #infosec #informationsecurity #hacking #bitlocker
$5 Prompt Finds $2,418 Vulnerability:
new-blog.ch4n3.kr/llm-found-se...
#cybersecurity #vulnerability #infosec #informationsecurity #bug
new-blog.ch4n3.kr/llm-found-se...
#cybersecurity #vulnerability #infosec #informationsecurity #bug
How I Found a $2,418 Vulnerabilities with a $5 Prompt
Hi I'm Seokchan Yoon. Currently working for blockchain security audit company Zellic.io and also a member of the security team of Apache Foundation's Airflow project
Two months ago, I've twitted by s...
new-blog.ch4n3.kr
December 22, 2025 at 2:27 PM
$5 Prompt Finds $2,418 Vulnerability:
new-blog.ch4n3.kr/llm-found-se...
#cybersecurity #vulnerability #infosec #informationsecurity #bug
new-blog.ch4n3.kr/llm-found-se...
#cybersecurity #vulnerability #infosec #informationsecurity #bug
A look at an Android ITW DNG exploit:
projectzero.google/2025/12/andr...
#android #exploit #vulnerability #cybersecurity #informationsecurity
projectzero.google/2025/12/andr...
#android #exploit #vulnerability #cybersecurity #informationsecurity
December 21, 2025 at 2:05 PM
A look at an Android ITW DNG exploit:
projectzero.google/2025/12/andr...
#android #exploit #vulnerability #cybersecurity #informationsecurity
projectzero.google/2025/12/andr...
#android #exploit #vulnerability #cybersecurity #informationsecurity
godap: A complete TUI for LDAP.
github.com/Macmod/godap
#ldap #cybersecurity #informationsecurity #hacking #redteam
github.com/Macmod/godap
#ldap #cybersecurity #informationsecurity #hacking #redteam
December 17, 2025 at 2:03 PM
godap: A complete TUI for LDAP.
github.com/Macmod/godap
#ldap #cybersecurity #informationsecurity #hacking #redteam
github.com/Macmod/godap
#ldap #cybersecurity #informationsecurity #hacking #redteam
Extending Kernel Race Windows Using '/dev/shm':
faith2dxy.xyz/2025-11-28/e...
#kernel #linux #exploitation #cybersecurity #infosec #informationsecurity
faith2dxy.xyz/2025-11-28/e...
#kernel #linux #exploitation #cybersecurity #infosec #informationsecurity
Extending Kernel Race Windows Using '/dev/shm'
Recently, I came across this kernelCTF submission where the author mentions a novel technique for extending race windows in the Linux kernel: I learned…
faith2dxy.xyz
December 16, 2025 at 12:53 AM
Extending Kernel Race Windows Using '/dev/shm':
faith2dxy.xyz/2025-11-28/e...
#kernel #linux #exploitation #cybersecurity #infosec #informationsecurity
faith2dxy.xyz/2025-11-28/e...
#kernel #linux #exploitation #cybersecurity #infosec #informationsecurity
A look at an Android ITW DNG exploit:
googleprojectzero.blogspot.com/2025/12/a-lo...
#android #exploit #vulnerability #zeroclick #exploitation #mobilesecurity
googleprojectzero.blogspot.com/2025/12/a-lo...
#android #exploit #vulnerability #zeroclick #exploitation #mobilesecurity
December 13, 2025 at 1:07 PM
A look at an Android ITW DNG exploit:
googleprojectzero.blogspot.com/2025/12/a-lo...
#android #exploit #vulnerability #zeroclick #exploitation #mobilesecurity
googleprojectzero.blogspot.com/2025/12/a-lo...
#android #exploit #vulnerability #zeroclick #exploitation #mobilesecurity
React2Shell Exploits on GitHub:
www.vulncheck.com/blog/react2s...
#react2shell #exploit #exploitation #cybersecurity #cve #vulnerability #nodejs
www.vulncheck.com/blog/react2s...
#react2shell #exploit #exploitation #cybersecurity #cve #vulnerability #nodejs
React2Shell Exploits on GitHub | Blog | VulnCheck
VulnCheck reviewed the full wave of React2Shell exploits published on GitHub, discarding about half as broken or misleading and surfacing several genuinely interesting techniques from the rest. We cur...
www.vulncheck.com
December 12, 2025 at 4:57 PM
React2Shell Exploits on GitHub:
www.vulncheck.com/blog/react2s...
#react2shell #exploit #exploitation #cybersecurity #cve #vulnerability #nodejs
www.vulncheck.com/blog/react2s...
#react2shell #exploit #exploitation #cybersecurity #cve #vulnerability #nodejs
No Leak, No Problem - Bypassing ASLR with a ROP Chain to Gain RCE;
modzero.com/en/blog/no-l...
#exploitation #cve #rce #rop #aslr #arm #iot
modzero.com/en/blog/no-l...
#exploitation #cve #rce #rop #aslr #arm #iot
No Leak, No Problem - Bypassing ASLR with a ROP Chain to Gain RCE
modzero.com
December 11, 2025 at 12:50 AM
No Leak, No Problem - Bypassing ASLR with a ROP Chain to Gain RCE;
modzero.com/en/blog/no-l...
#exploitation #cve #rce #rop #aslr #arm #iot
modzero.com/en/blog/no-l...
#exploitation #cve #rce #rop #aslr #arm #iot
N-Able Windows Software Probe Remote Code Execution:
www.securifera.com/blog/2025/12...
#dotnet #vulnerability #windows #hacking #exploitation #infosec #informationsecurity
www.securifera.com/blog/2025/12...
#dotnet #vulnerability #windows #hacking #exploitation #infosec #informationsecurity
N-Able (Formerly SolarWinds MSP) Windows Software Probe Remote Code Execution (CVE-2025-11367)
N-Able Windows Software Probe Remote Code Execution
Recently I was performing a penetration test using Reverge when an interesting service caught my attention. The banner reported “ms .net remoting s...
www.securifera.com
December 4, 2025 at 11:15 PM
N-Able Windows Software Probe Remote Code Execution:
www.securifera.com/blog/2025/12...
#dotnet #vulnerability #windows #hacking #exploitation #infosec #informationsecurity
www.securifera.com/blog/2025/12...
#dotnet #vulnerability #windows #hacking #exploitation #infosec #informationsecurity
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478):
slcyber.io/research-cen...
#exploit #exploitation #infosec #informationsecurity #cve #rce #hacking #deserialization
slcyber.io/research-cen...
#exploit #exploitation #infosec #informationsecurity #cve #rce #hacking #deserialization
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) › Searchlight Cyber
This morning, an advisory was released for Next.js about a vulnerability that leads to RCE in default configurations, with no prerequisites. The root cause of this issue lies in React Server Component...
slcyber.io
December 4, 2025 at 4:47 PM
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478):
slcyber.io/research-cen...
#exploit #exploitation #infosec #informationsecurity #cve #rce #hacking #deserialization
slcyber.io/research-cen...
#exploit #exploitation #infosec #informationsecurity #cve #rce #hacking #deserialization
Reposted by Alexandre Borges
This vulnerability was the inspiration for the first step of the Panel challenge we played during last week’s Grehack CTF
But we found a dumb bypass 😎
But we found a dumb bypass 😎
Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757):
slcyber.io/research-cen...
#oracle #authentication #vulnerability #rce #informationsecurity #infosec #cybersecurity #cve
slcyber.io/research-cen...
#oracle #authentication #vulnerability #rce #informationsecurity #infosec #cybersecurity #cve
Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757) › Searchlight Cyber
Intro Earlier this year, in January, Oracle Cloud's login service (login.us2.oraclecloud.com) was breached—this led to the compromise of 6M records and over 140k Oracle Cloud tenants. Analysis showed ...
slcyber.io
December 3, 2025 at 2:42 PM
This vulnerability was the inspiration for the first step of the Panel challenge we played during last week’s Grehack CTF
But we found a dumb bypass 😎
But we found a dumb bypass 😎
Linux Kernel Explorer:
reverser.dev/linux-kernel...
#linux #kernel #programming #sourcecode #informationsecurity
reverser.dev/linux-kernel...
#linux #kernel #programming #sourcecode #informationsecurity
December 2, 2025 at 4:52 PM
Linux Kernel Explorer:
reverser.dev/linux-kernel...
#linux #kernel #programming #sourcecode #informationsecurity
reverser.dev/linux-kernel...
#linux #kernel #programming #sourcecode #informationsecurity
MacOS Infection Vector: Using AppleScripts to bypass Gatekeeper:
pberba.github.io/security/202...
#macOS #infosec #applescript #cybersecurity #exploitation #hacking
pberba.github.io/security/202...
#macOS #infosec #applescript #cybersecurity #exploitation #hacking
MacOS Infection Vector: Using AppleScripts to bypass Gatekeeper
A look at how threat actors are abusing AppleScript .scpt files to deliver macOS malware, from fake documents to browser update lures, and how these scripts ...
pberba.github.io
November 30, 2025 at 6:22 PM
MacOS Infection Vector: Using AppleScripts to bypass Gatekeeper:
pberba.github.io/security/202...
#macOS #infosec #applescript #cybersecurity #exploitation #hacking
pberba.github.io/security/202...
#macOS #infosec #applescript #cybersecurity #exploitation #hacking
Living Off the Land: Windows Post-Exploitation Without Tools:
xbz0n.sh/blog/living-...
#cybersecurity #windows #hacking #hacking #informationsecurity
xbz0n.sh/blog/living-...
#cybersecurity #windows #hacking #hacking #informationsecurity
Living Off the Land: Windows Post-Exploitation Without Tools
I'll never forget one of my first red team engagements where I learned this lesson the hard way. I'd spent two days carefully phishing my way into a financia...
xbz0n.sh
November 29, 2025 at 4:01 PM
Living Off the Land: Windows Post-Exploitation Without Tools:
xbz0n.sh/blog/living-...
#cybersecurity #windows #hacking #hacking #informationsecurity
xbz0n.sh/blog/living-...
#cybersecurity #windows #hacking #hacking #informationsecurity
Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757):
slcyber.io/research-cen...
#oracle #authentication #vulnerability #rce #informationsecurity #infosec #cybersecurity #cve
slcyber.io/research-cen...
#oracle #authentication #vulnerability #rce #informationsecurity #infosec #cybersecurity #cve
Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757) › Searchlight Cyber
Intro Earlier this year, in January, Oracle Cloud's login service (login.us2.oraclecloud.com) was breached—this led to the compromise of 6M records and over 140k Oracle Cloud tenants. Analysis showed ...
slcyber.io
November 21, 2025 at 7:09 PM
Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757):
slcyber.io/research-cen...
#oracle #authentication #vulnerability #rce #informationsecurity #infosec #cybersecurity #cve
slcyber.io/research-cen...
#oracle #authentication #vulnerability #rce #informationsecurity #infosec #cybersecurity #cve
Microsoft ms-photos URI NTLM Leak:
github.com/rubenformati...
#microsoft #infosec #vulnerability #leak #ntlm #windows
github.com/rubenformati...
#microsoft #infosec #vulnerability #leak #ntlm #windows
November 19, 2025 at 1:26 AM
Microsoft ms-photos URI NTLM Leak:
github.com/rubenformati...
#microsoft #infosec #vulnerability #leak #ntlm #windows
github.com/rubenformati...
#microsoft #infosec #vulnerability #leak #ntlm #windows
Rehabilitating Registry Tradecraft with RegRestoreKey:
www.preludesecurity.com/blog/rehabil...
#infosec #windows #cybersecurity #edr #callback
www.preludesecurity.com/blog/rehabil...
#infosec #windows #cybersecurity #edr #callback
Rehabilitating Registry Tradecraft with RegRestoreKey | Prelude
Exploring how EDRs detect registry activity, and how modifying registry primitives can bypass ETW and callback-based detection to force deeper defensive change.
www.preludesecurity.com
November 18, 2025 at 11:12 PM
Rehabilitating Registry Tradecraft with RegRestoreKey:
www.preludesecurity.com/blog/rehabil...
#infosec #windows #cybersecurity #edr #callback
www.preludesecurity.com/blog/rehabil...
#infosec #windows #cybersecurity #edr #callback
Introducing HCLI: The Modern Command-Line Interface for IDA:
hex-rays.com/blog/introdu...
#idapro #interface #ida #hcli #reverseengineering
hex-rays.com/blog/introdu...
#idapro #interface #ida #hcli #reverseengineering
November 17, 2025 at 11:39 PM
Introducing HCLI: The Modern Command-Line Interface for IDA:
hex-rays.com/blog/introdu...
#idapro #interface #ida #hcli #reverseengineering
hex-rays.com/blog/introdu...
#idapro #interface #ida #hcli #reverseengineering
Injection for an athlete:
swarm.ptsecurity.com/injection-fo...
#android #vulnerability #exploitation #application #cybersecurity
swarm.ptsecurity.com/injection-fo...
#android #vulnerability #exploitation #application #cybersecurity
November 17, 2025 at 11:35 PM
Injection for an athlete:
swarm.ptsecurity.com/injection-fo...
#android #vulnerability #exploitation #application #cybersecurity
swarm.ptsecurity.com/injection-fo...
#android #vulnerability #exploitation #application #cybersecurity
Living in the Namespace - ft. unshare():
hackmd.io/@0xmadvise/r...
#linux #vulnerability #cybersecurity #exploit #exploitation
hackmd.io/@0xmadvise/r...
#linux #vulnerability #cybersecurity #exploit #exploitation
November 14, 2025 at 5:24 PM
Living in the Namespace - ft. unshare():
hackmd.io/@0xmadvise/r...
#linux #vulnerability #cybersecurity #exploit #exploitation
hackmd.io/@0xmadvise/r...
#linux #vulnerability #cybersecurity #exploit #exploitation
Making Serialization Gadgets by Hand - .NET:
www.vulncheck.com/blog/making-...
#dotnet #infosec #deserialization #hacking #programming #exploit #exploitation
www.vulncheck.com/blog/making-...
#dotnet #infosec #deserialization #hacking #programming #exploit #exploitation
Making Serialization Gadgets by Hand - .NET | Blog | VulnCheck
Creating a language-native .NET source for deserialization gadgets
www.vulncheck.com
November 13, 2025 at 4:18 PM
Making Serialization Gadgets by Hand - .NET:
www.vulncheck.com/blog/making-...
#dotnet #infosec #deserialization #hacking #programming #exploit #exploitation
www.vulncheck.com/blog/making-...
#dotnet #infosec #deserialization #hacking #programming #exploit #exploitation
Mojo GPU Puzzles:
puzzles.modular.com/introduction...
#crypto #gpu #python #infosec #informationsecurity #programming
puzzles.modular.com/introduction...
#crypto #gpu #python #infosec #informationsecurity #programming
November 11, 2025 at 8:16 PM