DEF CON early bird pricing ends soon! Register for Everyday Ghidra Windows Ghidra Reverse Engineering! l.clearseclabs.com/9u52s

Had a fantastic time teaching participants in my Ghidra CLI-to-MCP workshop. Huge thanks to REcon for the opportunity! Best part? Connecting afterward to brainstorm future ideas with so many brilliant minds. 🔥

Tick-tock... 10 days left until the Everyday Ghidra Virtual Course begins! Still debating? Here's your sign: grab 10% off with this last-minute coupon → em-2xilxwrrwuzgte58 Secure your spot now 🔐 l.clearseclabs.com/bksxk

#ghidriff v1.0.0 released with full support for Ghidra 11.4 🔥 Release : github.com/clearbluejar/g… 👀

First time in Ibiza for #OBTS 🌴☀️ and couldn’t be more stoked! Honored to be speaking alongside some brilliant researchers. In my new talk I'll explore Apple Security Updates and how to tear them open for intel. Bring your sunscreen and your curiosity😎🧠

New ghidrecomp release with support for Ghidra 11 👀

📢 Incoming release: pyghidra‑mcp 🛠️ Meet your new RE best friend. Harness frontier models or a local gpt-oss-20b llm brain to power Ghidra multi‑binary, project‑wide analysis. You’ll be slicing through code like butter 🧈😆 ETA: imminent. Keep your shells warm 🔥🐙⚡🐉

Been testing local LLM tool calling with openai/gpt-oss-20b (even at 4-bit) using pyghidra-mcp. It made 22 tool calls in a one-shot run to analyze multiple binaries and traced the call chain from user-mode through kernelbase.dll to the final syscall in ntdll! 🤯

new blog post, new tool 👀 Unlock project-wide, multi-binary analysis with pyghidra-mcp, a headless Ghidra MCP server for automated, LLM-assisted reverse engineering. clearbluejar.github.io/posts/pyghidra…

pyghidra-mcp: headless Model Context Protocol (MCP) server for Ghidra Blog post: clearbluejar.github.io/posts/pyghidra… Repository: github.com/clearbluejar/p… Credits clearbluejar #infosec

pyghidra-mcp from clearbluejar 🔥 youtube.com/watch?v=oWCiRQ…

pyghidra-mcp: headless Model Context Protocol (MCP) server for Ghidra by clearbluejar Blog post: clearbluejar.github.io/posts/pyghidra… Repository: github.com/clearbluejar/p… #infosec

pyghidra-mcp v0.1.9 released - Now supports async binary import. Add binaries to your Ghidra project without restarting your analysis session. 👀🔥

New tool "read_bytes" coming soon to pyghidra-mcp. See examples of pyghidra parsing Mach-O headers and interpreting them.

Breaking down the patch for CVE-2025-43400, a FontParser vulnerability in the latest macOS Tahoe and iOS 26.0.1 update. The issue: A malicious font could cause an out-of-bounds write, leading to memory corruption. Let's look at the fix. 🧵

John (clearbluejar) already uncovered what Apple fixed in CVE-2025-43400 on iOS/macOS 26.0.1 🍎🐛🔬🧠 And at #OBTS v8 he’ll show exactly how, with case studies, in his talk: “Reverse Engineering Apple Security Updates” Patch first, then make sure not to miss his #OBTS talk!

New paper just dropped on arXiv featuring my open‑source tool #ghidriff 👀 "Binary Diff Summarization using Large Language Models" The authors show how patch diffing provides the perfect context for LLMs that turn raw binary changes into structured, explainable insights. 🧵

At #OBTS John McIntosh (clearbluejar) from clearseclabs demo’d his pipeline that uses AI, ipsw and ghidriff to auto-extract and diff Apple firmware — rapidly reveals real code changes behind Apple security fixes and to get actionable root-cause intel. Super clever stuff!

We released part of Recon 2025 Video on youtube youtube.com/@reconmtl. We are getting ready to announce Recon 2026 recon.cx.