🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

On this episode of The BlueHat Podcast, we’re joined by Marco Ivaldi ([email protected]), co-founder of HN Security and a veteran of the security research community. Marco shares his journey from teenage hacker in the '80s to bug bounty hunter, including his experience at Microsoft’s Zero

If you care about securing legacy systems and staying ahead in bug bounty, don’t miss this episode with [email protected] on The BlueHat Podcast.

It’s been a real pleasure, thank you for having me at the Microsoft BlueHat #podcast!

It’s been a real pleasure, thank you for having me at the Microsoft BlueHat #podcast!

Another day, another bug of mine got listed in CISA's KEV. Why does everyone love my bugs (sigh...)? BTW, great article by SinSinology again!

How was it like to attend the exclusive #ZeroDayQuest event? How did a Unix hacker even qualify in the first place? How can you become one of the Security Response MVRs?   Our [email protected] answers these and other questions in his latest article: security.humanativaspa.it/my-zero-day-qu…

Just launched Code Auditor CTF — auditor.codes A web platform to practice finding real-world C/C++ vulnerabilities • 8000+ challenges • Progress tracking + leaderboard • Beginner-friendly • Fully open source (beta): github.com/20urc3/auditor…

China just launched something that makes your data center look like a toaster. A 2,800-node orbital supercomputer is coming, and the West has no idea how to stop it. theverge.com/news/669157/ch…

I’d like to shine a spotlight on some of my GitHub projects. Let’s start with my battle-tested Semgrep ruleset for C bug hunting! github.com/0xdea/semgrep-… Be sure to read the articles for some real life examples on how to make the most of it.

If for some reason #semgrep doesn’t fit your use case, here’s a port of my C vulnerability research ruleset to #weggli: github.com/0xdea/weggli-p… Read the linked blog post and check it out!

We're are happy to announce a new release of our #Rust bindings for Hex-Rays SA idalib. What's new: - New APIs for working with IDBs, segments, and more - Rust 2024 support - New homepage: idalib.rs H/T to our contributors Yegor & [email protected] github.com/binarly-io/ida…

Here’s the collection of the most significant exploits that I’ve published in the past three decades or so. Enjoy! github.com/0xdea/exploits

new idalib release! for folks interested in writing headless analysis scripts for IDA in rust, I can recommend [email protected]'s blog post with some neat example use cases: security.humanativaspa.it/streamlining-v…

I've just updated my #Rust crates! crates.io/users/0xdea Most notably, my vulnerability research tools based on BINARLY🔬's #idalib have been updated to use the new idalib v0.6. Cheers 🍻

Continuing our short tour of my stuff hosted on GitHub, here's a collection of all my coordinated disclosure #advisories, from my first #CVE in OpenSSH (CVE-2003-0190) to the most recent one in Zyxel appliances. github.com/0xdea/advisori…

And here are the latest #VulnerabilityResearch and #ReverseEngineering tools that I wrote in #Rust github.com/0xdea/rhabdoma… github.com/0xdea/haruspex github.com/0xdea/augur github.com/0xdea/oneiroma… Make sure to check the accompanying HN Security blog posts for additional details 🪲🎯

We released new Pwndbg: github.com/pwndbg/pwndbg/… ! It brings new kernel commands for dumping heap allocator info, display of not taken branches (X marker) in disasm, better disasm for ARM/MIPS/LoongArch64, initial s390x support & more! Sponsor us at github.com/sponsors/pwndbg !

End of an era: our CVSweb service turned 21 today, and was promptly retired. Our anoncvs was similarly shut down at the age of 21 two years ago, quietly.