buherator
@buherator.bsky.social
"I'm interested in all kinds of astronomy."
https://scrapco.de
Mostly cross-posting from Fediverse: @buherator@infosec.place
https://scrapco.de
Mostly cross-posting from Fediverse: @buherator@infosec.place
November 11, 2025 at 3:51 PM
This article highlights how much control endpoint security vendors have over customer machines, and transitively over companies and maybe even nations:
www.huntress.com ->
You only install this stuff, because you trust the vendor
1/2
www.huntress.com ->
You only install this stuff, because you trust the vendor
1/2
November 11, 2025 at 11:42 AM
This article highlights how much control endpoint security vendors have over customer machines, and transitively over companies and maybe even nations:
www.huntress.com ->
You only install this stuff, because you trust the vendor
1/2
www.huntress.com ->
You only install this stuff, because you trust the vendor
1/2
November 9, 2025 at 7:05 PM
I'm old enough to remember years ago comrades predicting the inevitable fall of software and services which work just fine today.
Original->
Original->
November 9, 2025 at 11:34 AM
I'm old enough to remember years ago comrades predicting the inevitable fall of software and services which work just fine today.
Original->
Original->
As a result of working on r4ghidra I set the ambitious goal to create REshare, an exchange format for #ReverseEngineering tools:
github.com ->
The code is still in its early days (literally) but the fact that it works with complex, real life binaries tells
1/2
github.com ->
The code is still in its early days (literally) but the fact that it works with complex, real life binaries tells
1/2
October 24, 2025 at 6:46 PM
As a result of working on r4ghidra I set the ambitious goal to create REshare, an exchange format for #ReverseEngineering tools:
github.com ->
The code is still in its early days (literally) but the fact that it works with complex, real life binaries tells
1/2
github.com ->
The code is still in its early days (literally) but the fact that it works with complex, real life binaries tells
1/2
My talk about integrating #ReverseEngineering tools is to be broadcasted in a couple of hours for #r2con2025:
rada.re ->
I'll release a ton of code and will be around on Discord for questions and comments.
Original->
rada.re ->
I'll release a ton of code and will be around on Discord for questions and comments.
Original->
October 24, 2025 at 8:50 AM
My talk about integrating #ReverseEngineering tools is to be broadcasted in a couple of hours for #r2con2025:
rada.re ->
I'll release a ton of code and will be around on Discord for questions and comments.
Original->
rada.re ->
I'll release a ton of code and will be around on Discord for questions and comments.
Original->
Thanks to @disasmwinnie now you'll lose a bit less hair when testing Oracle Forms:
github.com ->
#pentesting
Original->
github.com ->
#pentesting
Original->
October 23, 2025 at 4:16 PM
Thanks to @disasmwinnie now you'll lose a bit less hair when testing Oracle Forms:
github.com ->
#pentesting
Original->
github.com ->
#pentesting
Original->
September 29, 2025 at 3:21 PM
/me trying hard not to antropomorphise the LLM
Original->
Original->
September 23, 2025 at 2:48 PM
/me trying hard not to antropomorphise the LLM
Original->
Original->
I combined DEVCORE's CVE-2024-35250 with the CVE-2024-30084 double fetch bug and the Cloud Filter memory trap technique by @tiraniddo to achieve reliable LPE without device requirements on Win10 VMs.
scrapco.de ->
Original->
scrapco.de ->
Original->
August 28, 2025 at 7:43 AM
I combined DEVCORE's CVE-2024-35250 with the CVE-2024-30084 double fetch bug and the Cloud Filter memory trap technique by @tiraniddo to achieve reliable LPE without device requirements on Win10 VMs.
scrapco.de ->
Original->
scrapco.de ->
Original->
Hi, I'm your favorite security vendor, welcome to...
August 16, 2025 at 3:09 PM
Hi, I'm your favorite security vendor, welcome to...
Fun fact: the #Ghidra API is quite consistent in naming methods according to the data types they accept/return, but HighVariables are returned from Varnodes via getHigh()
Original->
Original->
August 16, 2025 at 11:43 AM
Fun fact: the #Ghidra API is quite consistent in naming methods according to the data types they accept/return, but HighVariables are returned from Varnodes via getHigh()
Original->
Original->
To prevent further frustration from forgotten tricks I brain dumped the less-than-obvious stuff that I can remember from #Ghidra development in my brand new Ghidra Dev Cheat Sheet:
scrapco.de ->
PR's and suggestions are most welcome!
Original->
scrapco.de ->
PR's and suggestions are most welcome!
Original->
August 13, 2025 at 10:40 AM
To prevent further frustration from forgotten tricks I brain dumped the less-than-obvious stuff that I can remember from #Ghidra development in my brand new Ghidra Dev Cheat Sheet:
scrapco.de ->
PR's and suggestions are most welcome!
Original->
scrapco.de ->
PR's and suggestions are most welcome!
Original->
August 13, 2025 at 8:15 AM
Does anyone have experience with driving a stepper motor found in simple electronic clocks in both directions?
(img source: https://www.explainthatstuff.com/quartzclockwatch.html )
#electronics
Original->
(img source: https://www.explainthatstuff.com/quartzclockwatch.html )
#electronics
Original->
August 4, 2025 at 9:16 AM
Does anyone have experience with driving a stepper motor found in simple electronic clocks in both directions?
(img source: https://www.explainthatstuff.com/quartzclockwatch.html )
#electronics
Original->
(img source: https://www.explainthatstuff.com/quartzclockwatch.html )
#electronics
Original->
June 18, 2025 at 2:28 PM