After 3 years of development, today we proudly announce & celebrate the first release of a new hypervisor-based user-mode & kernel-mode debugger, HyperDbg. 🎉 As an alternative to #Windbg, HyperDbg is mainly built for analyzing, reversing, and fuzzing! github.com/HyperDbg/Hyper…

Time Travel Debugging for #IDA !!! github.com/airbus-cert/tt… #SSTIC. Thanks Ajax !!!

New release of github.com/commial/ttd-bi…, featuring more API wrapping (thanks Sylvain Peyrefitte), and new examples: coverage (LightHouse compatible) and a trace producer for the awesome Tenet plugin (cc )

The results are out! We are very honoured to have won first place🥇in the Hex-Rays plugin contest 2022 🎉 Our entry was "ttddbg", a time-travel debugging plugin for IDA already presented at #SSTIC 2022. Many congratulations to all the other entrants!

My first blog post about analyzing windows defender is out! Fuzzing the Shield: CVE-2022–24548 - medium.com/s2wblog/fuzzin…

Comment bien commencer la nouvelle année ? En soumettant à SSTIC ! Vous avez jusqu'au 30 janvier. Toutes les infos : sstic.org/2023/cfp/

If you use Obsidian for your #pentest / #redteam or #threatintel notes, you might be interested in the IVRE community plugin for #Obsidian, that uses data from IVRE to enrich your notes. Get it from Obsidian (in community plugins, look for "ivre") or see github.com/ivre/obsidian-…

Le programme est disponible : sstic.org/2023/programme/ ! La billetterie ouvrira dans les prochaines semaines.

Le challenge sera publié ce vendredi 31 mars à 19h00, heure de Paris à l'adresse suivante : sstic.org/2023/challenge/ À vos marques !

A short🧵 detailing a Kerberos LPE I discovered while working with James Forshaw on our BlackHat research. msrc.microsoft.com/update-guide/v… (CVE-2023-21817) This was fixed in Feb, but I think some will find the vulnerability & exploitation interesting. 1/

La billetterie de SSTIC 2023 ouvrira demain, le 13 avril à 10h00. Retrouvez les instructions sur sstic.org/2023/news/insc…

Honored to be invited to speak at SSTIC today. Stream my talk “Deep Attack Surfaces, Shallow Bugs” here: streaming.sstic.org

First big result from our new CPU research project, a use-after-free in AMD Zen2 processors! 🔥 AMD have just released updated microcode for affected systems, please update! lock.cmpxchg8b.com/zenbleed.html

L’ANSSI lance #Hackropole 🏛 une plateforme regroupant la quasi-totalité des épreuves du France Cybersecurity Challenge #FCSC. 🇫🇷 🏆 Une centaine d’épreuves est déjà disponible ! 💪 🚀Rendez-vous dès maintenant sur : cyber.gouv.fr/actualites/lan… #ANSSI #numérique #FCSC #ECSC

Write up of the HVCI bypass vuln (CVE-2024-21305) with Andrea Allievi ! tandasat.github.io/blog/2024/01/1…

Do you wish Time Travel Debugging was faster and more lightweight? Our latest version lets you decide exactly what you want recorded! Select modules to record or use the API for full control. Get your recording just the way you like it. Crusts optional. aka.ms/ttd

The SSTIC challenge 2024 is now opened and english friendly! You can find it here : sstic.org/2024/challenge! Good luck!

Nous sommes à la recherche de volontaires pour réaliser le challenge SSTIC 2025 ! Si vous êtes intéressé vous pouvez retrouver les informations pour nous contacter sur sstic.org ! Bonne fêtes ☃️