Input grammars for fuzzing and test generation! We introduce symbolic parsing, a technique to extract input grammars _statically_ from code, without requiring any input samples. First experiments show an accuracy of 99-100%. Find us Thu 17:00 at FSE 2024: 2024.esec-fse.org/details/fse-20…

We developed an RP2350 hacking challenge with hextree.io... The challenge is simple: set up your 2350 into standard secure mode, figure out how to hack it, tell us the secret programmed into its OTP. The first person to do so wins $10,000! Details👇 raspberrypi.com/news/can-you-h…

Le programme ! Il reste encore quelques places pour les retardataires: helloasso.com/associations/b…

Speech recognition with word level timestamps

Bootstrapping security analysis of Arlo cameras (IoT devices) synacktiv.com/en/publication… Credits Thomas Jeunet (Synacktiv) #infosec #embedded

Look mum, I compiled dragondance for the latest Ghidra github.com/domenukk/drago…

New this year, Hexacon is hosting an on-site CTF speedrun competition! 🆕 🔹 A qualifying challenge to be completed on Friday. 🔹 Finals in 1vs1 BO3 on Friday night, flag first to advance to the next round. ➡️ More information: hexacon.fr/speedrun/

Intro to Satellite hacking concepts and CTFs Satellite Hacking Demystified: redteamrecipe.com/satellite-hack… Hack-a-sat writeups: github.com/solar-wine/wri… Hack-a-sat players corner: hackasat.com/players-corner/ #cybersecurity #satellite

Slides for my Ekoparty | Hacking everything talk "Advanced Fuzzing With LibAFL" - > docs.google.com/presentation/d…

cemu: lightweight multi-architecture assembly playground meterpreter.org/cemu-lightweig…

Explore the car's CAN bus 🚗 with Flipper Zero + CAN module from Electronic Cats hackster.io/electronic-cat…

DMA attacks via SD cards : swarm.ptsecurity.com/new-dog-old-tr… Ref : Android Jetpack Navigation: Deep Links Handling Exploitation : swarm.ptsecurity.com/android-jetpac… credits PT SWARM

The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit googleprojectzero.blogspot.com/2024/12/qualco…

CVE-2024-42845 reddit.com/r/netsec/comme…

🤖 Hacking CTFs with Plain Agents Solving 95% of the challenges in InterCode-CTF, using prompting, tool use, & multiple attempts Without complex engineering or advanced harnessing. arxiv.org/html/2412.0277…

Security through transparency: all chips have vulnerabilities, and most vendors' strategy is not to talk about them. In contrast, we aim to find and fix them. Read the results of our RP2350 Hacking Challenge: rpltd.co/rp2350-challen…

Speculative Execution to break ARM’s Memory Tagging Extension (MTE) arxiv.org/pdf/2406.08719 #Linux #cybersecurity

KernelSnitch: Side-Channel Attacks on Kernel Data Structures lukasmaar.github.io/papers/ndss25-…

Today, we announced the official release of OSV-SCALIBR, Google's software composition analysis library. If you are working in vuln management / security scanning, SCALIBR is for you! SCALIBR is powering most of Google's vuln scanning. Please RT security.googleblog.com/2025/01/osv-sc…

Hi all ! For obvious reasons I won't be using my account on X anymore. From now on I'll be on BlueSky at julienlancia.bsky.social (Julien Lancia.bsky.social) . See you there!