Cristian Cantos
@kriware.bsky.social
Security Analyst at Layakk
Permanent student
Kriware Security Feed: Feed of technical blogs about cybersecurity. -> Telegram Channel: https://t.me/kriwarefeed
YouTuber: kriware
RootedCON co-organizer
Pinned
Are you still not part of the EXCLUSIVE hacker community that receives a DAILY TECHNICAL article about hacking?

Every day, practical and advanced knowledge delivered straight to you.

Join now! 👇
December 6, 2024 at 11:50 AM
Chaining Directory Traversal & CSV Parser Abuse for RCE in Django

Combines unsanitized username path traversal with pandas CSV to_csv() quirks to overwrite wsgi.py and gain RCE.

https://jineeshak.github.io/posts/Chaining-Directory-Traversal-and-CSV-Parser-Abuse-for-RCE-in-Django/

#django
July 20, 2025 at 5:30 AM
Solo: A Pixel 6 Pro Story

Researcher adapts a Mali GPU integer overflow (CVE‑2023‑48409) to root Pixel 6 Pro by adding memory-spraying and SELinux bypasses—all from a single bug.

https://starlabs.sg/blog/2025/06-solo-a-pixel-6-pro-story-when-one-bug-is-all-you-need/

#Android
July 19, 2025 at 5:30 AM
TapTrap: Invisible Animation‑Driven Tapjacking on Android

A malicious app with zero permissions uses transparent animations to hide real system prompts (e.g., camera, location, admin) and trick users into tapping them unknowingly.

https://taptrap.click/

#Tapjacking #AndroidAttack
July 18, 2025 at 5:30 AM
GPUHammer: Rowhammer Attack on NVIDIA GDDR6 GPUs

GPUHammer is the first practical Rowhammer attack on GDDR6 VRAM (e.g., RTX A6000), flipping bits via CUDA and silently corrupting AI models, dropping accuracy from ~80% to under 1%.

https://gpuhammer.com/

#Rowhammer #GPUAttacks
July 17, 2025 at 7:47 PM
DreamWalkers: Reflective Shellcode Loader with Clean Call Stacks

A loader that achieves believable call stacks in reflectively loaded modules by parsing PE and registering unwind data via RtlAddFunctionTable.

https://maxdcb.github.io/DreamWalkers/

#ShellcodeLoader #CallStackSpoofing
July 16, 2025 at 5:30 AM
Windows Kernel Pool Internals

Explains kernel pool allocation, PoolTags, segment heap (kLFH, VS, Large), and building a no‑admin tool to enumerate tags.

https://r0keb.github.io/posts/Windows-Kernel-Pool-Internals/

#Kernel #Heap #windows
July 15, 2025 at 5:30 AM
Exploiting WRMSR in Vulnerable Drivers

Detailed guide on abusing unsecured WRMSR IOCTLs to overwrite LSTAR MSR, build ROP chains bypassing SMEP/SMAP/KPTI, and gain kernel execution.

https://idafchev.github.io/blog/wrmsr/

#Kernel #windows
July 14, 2025 at 5:30 AM
Hexagon Fuzz: Full-System Emulated Fuzzing of Qualcomm Basebands

SRLabs released the first open-source emulator-based fuzzing toolchain for Qualcomm Hexagon baseband firmware.

https://www.srlabs.de/blog-post/hexagon-fuzz-full-system-emulated-fuzzing-of-qualcomm-basebands

#Baseband #Fuzzing
July 13, 2025 at 5:30 AM
Rediscovered an 11‑Year‑Old libpng Vulnerability

A beginner in secure code review reintroduced CVE‑2014‑9495 by fuzzing the width * bit-depth overflow.

https://blog.himanshuanand.com/posts/discovered-a-libpng-vulnerability-11-years-after-it-was-patched/

#libpng #IntegerOverflow
July 12, 2025 at 5:30 AM
Resurrecting a Dead Torrent Tracker and Finding 3M Peers

Revived an expired .si tracker domain, launched Opentracker on VPS, and attracted ~1.7M torrents with 3.1M unique peers in just one hour.

https://kianbradley.com/2025/06/15/resurrecting-a-dead-tracker.html

#TorrentTracker
July 11, 2025 at 5:30 AM
Reliable System Call Interception

Highlights using seccomp_user_notify with BPF for low‑overhead syscall interception, replacing slow ptrace—demoed via “copycat” tool for per‑syscall file redirection.

https://blog.mggross.com/intercepting-syscalls/

#Seccomp #SyscallInterceptor
July 10, 2025 at 5:30 AM
VNC Honeypot Setup by James Woolley

Details setting up a VNC honeypot on Ubuntu that logs sessions, records attacker interactions, and captures payloads for monitoring.

https://ja.meswoolley.co.uk/vnc-honeypot/

#VNC #Honeypot
July 9, 2025 at 5:30 AM
The Hidden JTAG in Your Qualcomm/Snapdragon Device’s USB Port

A built-in Embedded USB Debug (EUD) interface since ~2018 allows SWD/JTAG access via USB, enabling kernel/U-Boot debugging without external tools.

https://www.linaro.org/blog/hidden-jtag-qualcomm-snapdragon-usb/

#Snapdragon
July 8, 2025 at 5:30 AM
Implementing Fast TCP Fingerprinting with eBPF

A Golang webserver uses eBPF (XDP + kernel hashmap) to capture TCP SYN options at the kernel level and fingerprint clients efficiently.

https://halb.it/posts/ebpf-fingerprinting-1/

#eBPF #TCPFingerprinting
July 7, 2025 at 5:30 AM
How I Scanned all of GitHub’s “Oops Commits” for Leaked Secrets

Using GH Archive & GitHub Event API, Truffle’s tool scans zero‑commit force-pushes since 2020 to find leaked secrets.

https://trufflesecurity.com/blog/guest-post-how-i-scanned-all-of-github-s-oops-commits-for-leaked-secrets

#git
July 6, 2025 at 5:30 AM
Alice’s Adventures in a Differentiable Wonderland

A friendly primer on differentiable programming and neural nets—covering autodiff, CNNs, RNNs, transformers in PyTorch & JAX.

https://arxiv.org/abs/2404.17625

#NeuralNetwork
July 5, 2025 at 5:30 AM
Essential C – Stanford CS Education Library

Concise 45‑page guide covering C fundamentals: types, control flow, arrays, pointers, memory, struct, functions, and compilation.

http://cslibrary.stanford.edu/101/

#c #programming
July 1, 2025 at 5:30 AM
TPU Deep Dive

Google’s TPUs use large systolic arrays, scratchpad memory, XLA AoT compilation, and 3D-torus interconnects to deliver exascale AI compute with efficiency.

https://henryhmko.github.io/posts/tpu/tpu.html

#tpu #firmware
June 30, 2025 at 5:30 AM
Root Shell on Yomani Credit‑Card Terminal

Reverse‑engineered Worldline Yomani XR: found exposed serial console with root shell, bypassed tamper protections via hardware debug port.

https://stefan-gloor.ch/yomani-hack

#terminal
June 29, 2025 at 5:30 AM
FileFix – A ClickFix Alternative

Browser trick uses file upload to open File Explorer, copy malicious PowerShell path disguised as a doc, and auto-execute via address bar.

https://mrd0x.com/filefix-clickfix-alternative/

#Phishing
June 28, 2025 at 5:30 AM
Primitive Injection – Breaking the Status Quo

Project creates reliable read/write/allocate primitives to evade telemetry by enabling custom injection flows and changing process IOCs.

https://trickster0.github.io/posts/Primitive-Injection/

#injection #evasion
June 27, 2025 at 5:30 AM
PicoEMP – Low-Cost DIY EMFI Tool

PicoEMP is a budget Electromagnetic Fault Injection (EMFI) device using Raspberry Pi Pico, ideal for hobbyist security research.

https://github.com/newaetech/chipshouter-picoemp

#HardwareHacking
June 26, 2025 at 5:30 AM
Intercepting Traffic on Android with Mainline and Conscrypt

NVISO explains how Conscrypt updates impacted HTTPS interception and how their AlwaysTrustUserCerts Magisk module now supports A7–A16.

https://blog.nviso.eu/2025/06/05/intercepting-traffic-on-android-with-mainline-and-conscrypt/

#android
June 24, 2025 at 5:30 AM
Fault Injection – Follow the White Rabbit

Demonstrates EMFI and voltage glitching on ESP32‑V3 to modify the flash CRC32 and combine glitches for a Secure Boot bypass via a complex fault‑injection chain.

https://security.humanativaspa.it/fault-injection-follow-the-white-rabbit/

#EMFI #SecureBootBypass
June 23, 2025 at 5:30 AM