Tomorrow — join #Symphony2023 where Chris Tillett, sr engineer, strategic product intelligence, & Greg S., sr. product marketing manager, show how #CortexXSIAM uses analytics & automation to help detect & shut down threats in under a minute. Register now.bit.ly/3kUnmu3.

At the core of every security operations center (SOC) is an analyst with a wish to build a modern-day SOC. ✨ Our own Austin Robertson shares the top three ways to make every SOC analysts dream come true. bit.ly/3qNYbMZ

For those who recently followed this account, probably you can find these useful resources to learn from: (1) Offensive Software Exploitation Course Repo: exploitation.ashemery.com Videos: youtube.com/playlist?list=…

🚨🚨🚨 ثغرة خطيرة في الوتساب وشركة فيسبوك ترفض بإصلاحها: الثغرة تسمح بتزييف رسائل وهمية تظهر كأنها ردود مقتبسة محذوفة (لا تظهر الرسالة الاصلية لأنها غير مزيفة لكن تظهر كأنها رد مقتبس)، ويمكن عن طريقها تزييف جزء من المحادثات. الهاكر الذي اكتشفها وأنصدم من رفض فيسبوك لإصلاحها نشر

If you're into OSINT, Kase Scenarios is releasing Project Sandshark on March 27th! I had the opportunity to beta test Sandshark and earn their awesome badge! Project Sandshark is different from their other OSINT scenarios since it's 100% report based. You're given the

Beginners intro to Linux kernel exploitation (env setup and ret2usr) Part 1: scoding.de/linux-kernel-e… Part 2: scoding.de/linux-kernel-e… #Linux #cybersecurity

How Component Object Model (COM) works. #ThreatHunting #DFIR #Windows #Microsoft

🔥💀 Here is the "Real" writeup and exploit for the pre-auth deserialization RCE I reported to Ivanti CVE-2024-29847 Apparently, folks at horizon3 tried to write about my bug before me but they did it wrong summoning.team/blog/ivanti-ep…

x.com/i/article/1851…

The Memory Hierarchy: From Processor to Hard Drives

The tenth article (35 pages) of the Malware Analysis Series (MAS) is available on: exploitreversing.com/2025/01/15/mal… I would like to thank Ilfak Guilfanov Ilfak Guilfanov and Hex-Rays SA for their constant and uninterrupted support, which have helped me write these articles. I promised to write a

📌 NIST Cybersecurity Framework (CSF): Your Cybersecurity Playbook Every organization faces cyber risks - but not all have a clear plan to manage them. That’s where NIST CSF comes in: a simple, proven cybersecurity risk management framework. Want to master cybersecurity

Claude reversing a binary using Binary Ninja via MCP while I get a snack blasty Ziyad Edher Vector 35

In 2020, I solved a gnarly reverse engineering challenge in PlaidCTF. Only 9 teams solved. It's a huge pile of Typescript. Everything is named after a fish. The catch? There's no code, only types. How do they perform computation using just the type system? (Spoiler: Circuits!)

Bypassing kASLR via Cache Timing : r0keb.github.io/posts/Bypassin… kASLR Internals and Evolution : r0keb.github.io/posts/kASLR-In… credits ö

As a blanket statement, the security industry ideally doesn't exist at all. That ideal is unrealistic. A step up from that is the security industry is very small. Accept those as the basis for what I say next. Given the conditions of "insecure by design," the amount of "harden

Model Context Protocol (MCP), clearly explained (with visuals):

Understanding a Program's Memory Layout

Hackers exploited Zero-click vulnerability in Samsung S25 Ultra under 1 min Pwn20wn 2025 hacking Contest and earned $100,000 💀

x.com/i/article/2015…