buherator
@buherator.bsky.social
"I'm interested in all kinds of astronomy."

https://scrapco.de

Mostly cross-posting from Fediverse: @buherator@infosec.place
OK, it seems I found it (although not very useful, acceptable value formats are not documented for example), at the end of the article about...publishing. Because somehow in the CLI's world there is just *no way* I won't update my code to GitHub :P
1/2
November 13, 2025 at 4:02 PM
Is it my weak search-fu again, or the new qlpack.yml format for #CodeQL is not officially documented? @GitHubSecurityLab

The best resource I could find is this one by @trailofbits:


appsec.guide ->


November 13, 2025 at 10:55 AM
Reposted by buherator
Kociemba has launched the No Longer Evil project, an open-source initiative aimed at breathing new life into decommissioned first- and second-generation Nest thermostats. www.techspot.com/news/110186-...
Hackers are saving Google's abandoned Nest thermostats with open-source firmware
Cody Kociemba, the developer behind the Hack/House collaborative project, is waging war against Google. The tech giant recently decided to discontinue the first two generations of its...
www.techspot.com
November 12, 2025 at 2:40 PM
Reposted by buherator
I wanted to understand what information is available in .pdb files, so I made a tool for it 🔎🐛

Welcome DiaSymbolView - a debug symbol hierarchy and properties viewer based on MSDIA: github.com/diversenok/D...
November 10, 2025 at 9:04 PM
...last offset, I gave you my heart...


November 11, 2025 at 10:08 PM
Having spent the last couple of nights reversing data types I'm all in for UNION busting!

#ReverseEngineering #capitalism


November 11, 2025 at 9:38 PM
TIL when you recursively search for source files, .ccls-cache can ruin your day because it contains very similar file names to the originals :P


November 11, 2025 at 5:27 PM
This article highlights how much control endpoint security vendors have over customer machines, and transitively over companies and maybe even nations:


www.huntress.com ->

You only install this stuff, because you trust the vendor
1/2
November 11, 2025 at 11:42 AM
[RSS] How I got Domain Admin via Citrix FAS through ESC3


scribe.rip ->


November 11, 2025 at 6:11 AM
From vendor to ESC1


scribe.rip ->

Awesome blog post explaining why ~all enterprise domains could be pwned via ADCS: vendors prescribe insecure configuration to integrate their stuff!

(AFAICT I couldn't post this from my RSS
1/2
November 10, 2025 at 9:45 PM
So glad to see KI/KI getting the recognition she deserves, super fun DJ!


www.youtube.com ->


November 10, 2025 at 9:10 PM
I'm seriously considering creating a Yelp account just because of this shit...


November 9, 2025 at 7:11 PM
/me after a chill Sunday with #IDAPython

I'm now basically doing this out of spite.


November 9, 2025 at 7:05 PM
I'm old enough to remember years ago comrades predicting the inevitable fall of software and services which work just fine today.


November 9, 2025 at 11:34 AM
I moved my fork of pdbparse to uv and tested it with Construct v2.10 - earlier versions weren't compatible with recent Python stdlibs.

Everything seems to work fine (tested with REshare vs big MS .pdb's) so you can use this fork with Python >= 3.12:
1/2
November 9, 2025 at 11:29 AM
Mark Zuckerberg seems to have a band with his clones:


www.youtube.com ->


November 8, 2025 at 6:51 PM
I had this #electronics project idea several months ago... The original concept involved like two transistors and a basic "framework" of $5 consumer mechanics.

It turns out the "framework" is so primitive (in a good sense!) that now I have an AVR involved and like $50 spent.
1/2
November 8, 2025 at 6:46 PM
[RSS] Kubevirt security audit


blog.quarkslab.com ->


November 8, 2025 at 12:50 PM
[RSS] Bringing USB to Life in QEMU - Kernel Build, Debug, and Redirection


streypaws.github.io ->


November 8, 2025 at 12:35 PM
I choose very carefully when I listen to Cephalic Carnage because it drags you to places you have to be prepared for.

I'm not a huge fan of remix albums (shitty sound is usually part of the story!) but this one just makes my nose bleed (in a good way):
1/2
November 7, 2025 at 5:31 PM
[RSS] What's That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)


labs.watchtowr.com ->


November 7, 2025 at 1:20 PM
[RSS] How to write dnSpy extension


kant2002.github.io ->


November 6, 2025 at 5:11 PM
I almost got a brain aneurysm thinking that the query syntax of tree-sitter and ast-grep differ.

Fortunately that's not the case, but - contrary to Internet wisdom - query syntax is not compatible between languages (parsers).

Also, ast-grep's Playground is insanely useful:
1/2
November 6, 2025 at 4:16 PM