biazo

@vtl0.bsky.social

Hypervisor Enjoyer. Security @ MORSE

94 Followers  |  295 Following  |  4 Posts  |  Joined: 29.10.2024  |  1.8558

Latest posts by vtl0.bsky.social on Bluesky

The worst bugs are the ones where the code mostly works. Low-level AI coding is so complex that I (and the AI that I write code with) produce an annoying number of them.

10.05.2025 00:32 — 👍 25    🔁 4    💬 2    📌 1

You asked, we delivered: Binary Ninja 5.0 brings major iOS reversing upgrades! DYLD Shared Cache is now a first-class feature, with up to 18x faster performance and way smarter analysis across the board. binary.ninja/2025/04/23/5...

24.04.2025 19:44 — 👍 12    🔁 5    💬 1    📌 0

01.04.2025 02:46 — 👍 37    🔁 7    💬 2    📌 0

01.04.2025 04:11 — 👍 14    🔁 2    💬 0    📌 0

Fileless lateral movement with trapped COM objects | IBM New research from IBM X-Force Red has led to the development of a proof-of-concept fileless lateral movement technique by abusing trapped Component Object Model (COM) objects. Get the details.

[Blog] This ended up being a great applied research project with my co-worker Dylan Tran on weaponizing a technique for fileless DCOM lateral movement based on the original work of James Forshaw. Defensive recommendations provided.

- Blog: ibm.com/think/news/f...
- PoC: github.com/xforcered/Fo...

25.03.2025 21:21 — 👍 15    🔁 11    💬 0    📌 1

The Key to COMpromise - Writing to the Registry (again), Part 4 In this series of blog posts, we cover how we could exploit five reputable security products to gain SYSTEM privileges with COM hijacking. If you've never heard of this, no worries. We introduce all r...

Wrapping up our COM hijacking series! 🎉

In the final part, we discuss a custom IPC protocol, use a registry write to gain SYSTEM privileges, and explore Denial of Service attacks on security products. 💥💻

Don't miss it! neodyme.io/en/blog/com_...

26.02.2025 15:38 — 👍 2    🔁 2    💬 0    📌 0

Screenshot showing the execution of the proof-of-concept named PowerChell in comparison to a typical PowerShell prompt. In particular, it shows that PowerChell is able to bypass the Constrained Language Mode (CLM).

In this blog post, I explain how I was able to create a PowerShell console in C/C++, and disable all its security features (AMSI, logging, transcription, execution policy, CLM) in doing so. 💪

👉 blog.scrt.ch/2025/02/18/r...

19.02.2025 09:13 — 👍 43    🔁 19    💬 2    📌 2

HTB: Cicada Cicada is a pure easy Windows Active Directory box. I’ll start enumerating SMB shares to find a new hire welcome note with a default password. I’ll RID-cycle to get a list of usernames, and spray that password to find a user still using it. With a valid user I can query LDAP to find another user with their password stored in their description. That user has access to a share with a dev script used for backup, and more creds. Those creds work to get a shell, and the user is in the Backup Operators group, so I can exfil the registry hives and dump the machine hashes.

Cicada from HackTheBox is a really nice easy introduction to Windows / Active Directory exploitation.

15.02.2025 15:00 — 👍 4    🔁 3    💬 0    📌 0

Add support for Unicorn engine by henri2h · Pull Request #1054 · AFLplusplus/LibAFL Add support for unicorn engine for CPU emulation Currently support X86 ARM ARM64 Supersede: henri2h#1

github.com/AFLplusplus/... 👀

LibAFL 🤝 Unicorn

#LibAFL #🤝 #Unicorn
by @henri2h.bsky.social

15.02.2025 03:18 — 👍 12    🔁 4    💬 0    📌 1

Hyperlight: Achieving 0.0009-second micro-VM execution time - Microsoft Open Source Blog In this post, we’ll take the demo application and show how it demonstrates one way you can use Hyperlight in your applications. Learn more.

Learn how hyperlight can create virtualization-based sandboxes for WASM applications:

12.02.2025 17:17 — 👍 26    🔁 11    💬 0    📌 1

Introducing HyperHook: A harnessing framework for Nyx In this post, we introduce HyperHook, a harnessing framework for snapshot-based fuzzing for user-space applications using Nyx. HyperHook simplifies guest-to-host communication and automates repetitive...

πŸͺIntroducing HyperHook! πŸͺ
A harnessing framework for snapshot-based #fuzzing using Nyx. βš’οΈ
HyperHook simplifies guest-to-host communication & automates repetitive tasks, making snapshot-fuzzing easier & more efficient!
πŸ”— Read more: neodyme.io/en/blog/hype...

05.02.2025 15:18 — 👍 3    🔁 3    💬 0    📌 0

I’m very excited to announce that we at V8 Security have finally published our first version of Fuzzilli that understands Wasm!
Go check it out at https://github.com/googleprojectzero/fuzzilli.
While we still have a way to go in improving it, we think it shows a promising approach!

04.02.2025 19:34 — 👍 31    🔁 16    💬 1    📌 1

Process Hollowing on Windows 11 24H2 Process Hollowing (a.k.a. RunPE) is probably the oldest, and the most popular process impersonation technique (it allows to run a malicious executable under the cover of a benign process). It is us…

In case you wonder what broke #ProcessHollowing on Windows 11 24H2, I have something for you: hshrzd.wordpress.com/2025/01/27/p...

26.01.2025 23:55 — 👍 58    🔁 38    💬 0    📌 1

Profile Explorer is a tool for viewing CPU profiling traces collected through the Event Tracing for Windows (ETW) infrastructure on machines with x64 and ARM64 CPUs

github.com/microsoft/pr...

24.01.2025 21:05 — 👍 16    🔁 6    💬 3    📌 0

Lots of questions about the new admin protection feature in Windows so the MORSE team decided to do a writeup. Working on part 2 now, should be done in a day or two. techcommunity.microsoft.com/blog/microso...

23.01.2025 23:09 — 👍 10    🔁 7    💬 0    📌 0

the chinese netizens have put america in the ground

14.01.2025 19:20 — 👍 5148    🔁 1420    💬 334    📌 831
Project Zero

Just unrestricted an issue that shows a fun new attack surface. Android RCS locally transcribes incoming media, making vulnerabilities in audio codecs now fully remote. This bug in an obscure Samsung S24 codec is 0-click

project-zero.issues.chromium.org/issues/36869...

10.01.2025 00:08 — 👍 38    🔁 16    💬 1    📌 2

Kids these days don't even know how much opportunity they have to learn hacking from actual pros.

I know there is a lot of content out there, so it can be hard to find the good stuff. But 10 years ago you had to be lucky to find at least something.

Anyway, watch this 👇

31.12.2024 10:10 — 👍 61    🔁 8    💬 2    📌 0

Trying Out Binary Ninja's new WARP Signatures with IPSW Diff'ing Binary diff'ing is pretty complex, but being able to apply markup from one binary to another is quite powerful. Binary Ninja's new WARP extends previous efforts, using SigKit, to quickly identify libr...

Binary diff'ing is hard. But it's super powerful to apply markup from previous reverse engineering efforts to a new binary.

Binary Ninja is switching up how they match function signatures with WARP.

www.seandeaton.com/binary-ninja...

#binaryninja #reverseengineering #ghidra #ida #decompiler

27.12.2024 13:07 — 👍 25    🔁 6    💬 0    📌 0

Stability in AFL++/LibAFL is quantified by the percentage of edges in the target that are considered “stable”. If repeatedly sending identical inputs results in the data traversing the same path through the target each time, then the stability is determined to be 100%.

24.12.2024 21:18 — 👍 1    🔁 1    💬 1    📌 0
The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit Posted by Seth Jenkins, Google Project Zero This blog post provides a technical analysis of exploit artifacts provided to us by Google's Thr...

Can you find an ITW 0-day from crash logs? Project Zero finds out

googleprojectzero.blogspot.com/2024/12/qual...

16.12.2024 06:16 — 👍 15    🔁 7    💬 0    📌 0
BlueHat 2024: S09: Pointer Problems – Why We’re Refactoring the Windows Kernel
YouTube video by Microsoft Security Response Center (MSRC) BlueHat 2024: S09: Pointer Problems – Why We’re Refactoring the Windows Kernel

Important news: Microsoft is working to bring SMAP into Windows

www.youtube.com/watch?v=-3jx...

Great talk by Joe Bialek from MORSE team

16.12.2024 04:29 — 👍 18    🔁 7    💬 1    📌 0

GitHub - microsoft/markitdown: Python tool for converting files and office documents to Markdown. Python tool for converting files and office documents to Markdown. - microsoft/markitdown

Microsoft just released a tool that lets you convert Office files to Markdown. Never thought I'd see the day.

Google also added Markdown export to Google Docs a few months ago.

github.com/microsoft/markitdown

13.12.2024 20:25 — 👍 529    🔁 127    💬 24    📌 24

Cover for the book "Building a Debugger" from No Starch Press. A robot sits at a drafting table drawing a complex machine. In the top-right corner of the table, there is a post-it note with a bug drawn on it and crossed out

The cover for my book on how debuggers work is here!

Preorders are still 25% off: nostarch.com/building-a-d...

14.12.2024 00:05 — 👍 182    🔁 37    💬 9    📌 3

4 panel of a comic style drawing. First panel has a T-rex doing a standup comic routine with a speech bubble containing the words "What's the difference between a light bulb and a cybersecurity professional?" Second panel has these words in the speech bubble "A light bulb stops working when it burns out." Third panel has a drawing of sad looking dinosaurs while the fourth panel has the T-rex stand up comedian with tears on its eyes.

This is my annual reminder to y'all wonderful folks in infosec: please take care & you're important. Your physical & mental health are important aspects of your life. The work we do & the environments we work in can significantly impact these. There is no shame in taking care of yourself first. 💜

12.12.2024 01:00 — 👍 126    🔁 24    💬 1    📌 4

Originally the default wallpaper of Microsoft's Windows XP, this photo shows green rolling hills with a vibrant blue sky and white clouds in the background. Charles O'Rear took the photo in California, USA.

We've always been a fan of blueskies.

04.04.1975 12:00 — 👍 11865    🔁 2119    💬 652    📌 657

Microsoft Boosts Device Security With Windows Resiliency Initiative Microsoft is readying a new release of Windows in 2025 that will have significant security controls such as more resilient drivers and "self-defending" operating system kernel.

"We're ensuring this platform will enable security solution providers to have the access they need to detect and respond to threats without introducing complexity into the kernel,

www.darkreading.com/endpoint-sec...

03.12.2024 01:03 — 👍 11    🔁 2    💬 0    📌 0

Binary Ninja - internship-2025 Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.

Want to help build Binary Ninja this summer? Our 2025 summer internship application process is live!

02.12.2024 19:13 — 👍 9    🔁 8    💬 0    📌 0

A squirrel perched on a thin tree branch surrounded by yellow leaves, holding a small piece of food in its front paws. The squirrel faces the camera directly, with its bushy tail visible behind it. The background shows a clear blue sky.

Chunky boi

02.12.2024 12:50 — 👍 231    🔁 13    💬 7    📌 2

Microsoft using yugioh card on hacker "that's not a security boundary"

01.12.2024 16:02 — 👍 176    🔁 17    💬 6    📌 1