Alexandre Borges

@alexandreborges.bsky.social

Vulnerability Researcher | Exploit Developer (speaker 3x at DEF CON)

516 Followers  |  60 Following  |  253 Posts  |  Joined: 18.10.2023

Posts by Alexandre Borges (@alexandreborges.bsky.social)

I am excited to release the extended version of the sixth article in the Exploiting Reversing Series (ERS). Titled "A Deep Dive Into Exploiting a Minifilter Driver (N-day)", this 293-page deep dive offers a comprehensive roadmap for vulnerability exploitation:

exploitreversing.com/2026/02/11/e...

16.02.2026 23:42 - 👍 0    🔁 1    💬 0    📌 0

The sixth article in the Exploiting Reversing Series (ERS), "A Deep Dive Into Exploiting a Minifilter Driver (N-day)", a 251-page article that provides a comprehensive look at a past vulnerability in a mini-filter driver, is available:

exploitreversing.com/2026/02/11/e...

#exploit #vulnerability

11.02.2026 17:55 - 👍 2    🔁 1    💬 0    📌 0
Decompiler Internals: Microcode (YouTube video by Black Hat)

This presentation remains the go-to reference for learning the inner workings of the IDA Pro Hex-Rays decompiler:

(video) www.youtube.com/watch?v=T-Yk...

(article) i.blackhat.com/us-18/Thu-Au...

#decompiler #reverseengineer #informationsecurity #cybersecurity

09.02.2026 00:31 - 👍 1    🔁 2    💬 0    📌 0
[Cryptodev-linux] Page-level UAF exploitation. Introduction: In November 2025 I started a fuzzing campaign against cryptodev-linux as part of a school project. I found +10 bugs (UAF, NULL pointer dereferences and integer overflows) and among all of

[Cryptodev-linux] Page-level UAF exploitation:

nasm.re/posts/crypto...

#linux #cybersecurity #informationsecurity #uaf #exploitation #vulnerability

08.02.2026 13:45 - 👍 0    🔁 0    💬 0    📌 0

TP-Link ER605 DDNS Pre-Auth RCE: Chaining CVE-2024-5242, CVE-2024-5243, CVE-2024-5244:

oobs.io/posts/er605-...

#exploit #vulnerability #rce #informationsecurity #cybersecurity #infosec

08.02.2026 13:20 - 👍 0    🔁 0    💬 0    📌 0

Before Vegas: The “Red Hackers” Who Shaped China’s Cyber Ecosystem:

ethz.ch/content/dam/...

#cybersecurity #redteam #informationsecurity #threathunting #exploitation #infosec

28.01.2026 03:23 - 👍 0    🔁 0    💬 0    📌 0

Malwoverview 7.0 has been released:

github.com/alexandrebor...

This version introduces a new vulnerability-focused approach, and the first feature is NIST support, which allows listing and searching for registered vulnerabilities.

#vulnerabilities #cve #cybersecurity #informationsecurity

20.01.2026 16:35 - 👍 0    🔁 1    💬 0    📌 0

Phantom Grid:

Phantom Grid is an enterprise-grade, kernel-level active defense system that transforms Linux servers into a controlled, deceptive attack surface.

github.com/haidang-info...

#kernel #linux #honeypot #informationsecurity #cybersecurity #defense #ebpf

16.01.2026 18:01 - 👍 1    🔁 0    💬 0    📌 0

Achieving remote code execution in LangSmith Playground using unsafe template formatting:

lab.ctbb.show/research/lan...

#webapp #exploit #exploitation #infosec #informationsecurity #cybersecurity #ai

13.01.2026 13:50 - 👍 0    🔁 0    💬 0    📌 0

Dangling pointers, fragile memory – from an undisclosed vulnerability to a Pixel 9 Pro escalation:

dawnslab.jd.com/Pixel_9_Pro_...

#android #vulnerability #eop #cybersecurity #infosec #informationsecurity #cve

12.01.2026 17:54 - 👍 0    🔁 0    💬 0    📌 0
CVE-2025-32432: Craft CMS RCE Vulnerability Explained - OPSWAT: Learn about CVE-2025-32432 in Craft CMS - how the remote code execution vulnerability works, affected versions, exploitation details, and mitigation steps.

CVE-2025-32432: Unauthenticated Remote Code Execution in Craft CMS:

www.opswat.com/blog/cve-202...

#exploitation #cms #vulnerability #cybersecurity #informationsecurity #cve

12.01.2026 14:00 - 👍 0    🔁 0    💬 0    📌 0
Blind trust: what is hidden behind the process of creating your PDF file? Every day, thousands of web services generate PDF (Portable Document Format) files - bills, contracts, reports. This step is often treated as a technical routine, “just convert the HTML,” but in practic...

Blind trust: what is hidden behind the process of creating your PDF file?

swarm.ptsecurity.com/blind-trust-...

#vulnerability #cve #exploitation #infosec

30.12.2025 02:22 - 👍 8    🔁 5    💬 0    📌 0

MongoBleed explained simply:

bigdata.2minutestreaming.com/p/mongobleed...

#exploit #exploitation #cve #vulnerability #mongodb #informationsecurity #infosec

29.12.2025 18:24 - 👍 0    🔁 0    💬 0    📌 0

From Coverage to Causes: Data-Centric Fuzzing for JavaScript Engines:

(paper) arxiv.org/pdf/2512.18102
(project) github.com/KKGanguly/Da...

#fuzzing #vulnerability #javascript #exploitation #llm

27.12.2025 01:07 - 👍 0    🔁 0    💬 0    📌 0

Callback hell: abusing callbacks, tail-calls, and proxy frames to obfuscate the stack:

klezvirus.github.io/posts/Callba...

#cybersecurity #infosec #windows #reverseengineering #programming

23.12.2025 17:26 - 👍 1    🔁 1    💬 0    📌 0
Announcing hardware-accelerated BitLocker - Windows IT Pro Blog: BitLocker takes advantage of the latest and modern SoC and CPU capabilities for better performance and security.

Announcing hardware-accelerated BitLocker:

techcommunity.microsoft.com/blog/windows...

#crypto #cybersecurity #infosec #informationsecurity #hacking #bitlocker

23.12.2025 03:51 - 👍 0    🔁 0    💬 0    📌 0
How I Found a $2,418 Vulnerabilities with a $5 Prompt: Hi I'm Seokchan Yoon. Currently working for blockchain security audit company Zellic.io and also a member of the security team of Apache Foundation's Airflow project. Two months ago, I've twitted by s...

$5 Prompt Finds $2,418 Vulnerability:

new-blog.ch4n3.kr/llm-found-se...

#cybersecurity #vulnerability #infosec #informationsecurity #bug

22.12.2025 14:27 - 👍 0    🔁 0    💬 0    📌 0

A look at an Android ITW DNG exploit:

projectzero.google/2025/12/andr...

#android #exploit #vulnerability #cybersecurity #informationsecurity

21.12.2025 14:05 - 👍 1    🔁 0    💬 0    📌 0

There is no support for now.

18.12.2025 17:42 - 👍 0    🔁 0    💬 0    📌 0

godap: A complete TUI for LDAP.

github.com/Macmod/godap

#ldap #cybersecurity #informationsecurity #hacking #redteam

17.12.2025 14:03 - 👍 2    🔁 1    💬 0    📌 0
Extending Kernel Race Windows Using '/dev/shm': Recently, I came across this kernelCTF submission where the author mentions a novel technique for extending race windows in the Linux kernel: I learned...

Extending Kernel Race Windows Using '/dev/shm':

faith2dxy.xyz/2025-11-28/e...

#kernel #linux #exploitation #cybersecurity #infosec #informationsecurity

16.12.2025 00:53 - 👍 0    🔁 0    💬 0    📌 0

A look at an Android ITW DNG exploit:

googleprojectzero.blogspot.com/2025/12/a-lo...

#android #exploit #vulnerability #zeroclick #exploitation #mobilesecurity

13.12.2025 13:07 - 👍 2    🔁 1    💬 0    📌 0
React2Shell Exploits on GitHub | Blog | VulnCheck: VulnCheck reviewed the full wave of React2Shell exploits published on GitHub, discarding about half as broken or misleading and surfacing several genuinely interesting techniques from the rest. We cur...

React2Shell Exploits on GitHub:

www.vulncheck.com/blog/react2s...

#react2shell #exploit #exploitation #cybersecurity #cve #vulnerability #nodejs

12.12.2025 16:57 - 👍 0    🔁 0    💬 0    📌 0

No Leak, No Problem - Bypassing ASLR with a ROP Chain to Gain RCE:

modzero.com/en/blog/no-l...

#exploitation #cve #rce #rop #aslr #arm #iot

11.12.2025 00:50 - 👍 1    🔁 2    💬 0    📌 0

This is a really interesting project: it allows you to track all Windows releases/updates, KBs, interact with the file systems associated with them, and even download files:

oswatcher.github.io/frontend/

#windows #kb #updates #security #research

07.12.2025 13:33 - 👍 2    🔁 0    💬 1    📌 0
N-Able (Formerly SolarWinds MSP) Windows Software Probe Remote Code Execution (CVE-2025-11367): N-Able Windows Software Probe Remote Code Execution. Recently I was performing a penetration test using Reverge when an interesting service caught my attention. The banner reported “ms .net remoting s...

N-Able Windows Software Probe Remote Code Execution:

www.securifera.com/blog/2025/12...

#dotnet #vulnerability #windows #hacking #exploitation #infosec #informationsecurity

04.12.2025 23:15 - 👍 1    🔁 0    💬 0    📌 0
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) › Searchlight Cyber: This morning, an advisory was released for Next.js about a vulnerability that leads to RCE in default configurations, with no prerequisites. The root cause of this issue lies in React Server Component...

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478):

slcyber.io/research-cen...

#exploit #exploitation #infosec #informationsecurity #cve #rce #hacking #deserialization

04.12.2025 16:47 - 👍 0    🔁 0    💬 0    📌 0

This vulnerability was the inspiration for the first step of the Panel challenge we played during last week’s Grehack CTF

But we found a dumb bypass 😎

03.12.2025 14:42 - 👍 4    🔁 1    💬 0    📌 0

Linux Kernel Explorer:

reverser.dev/linux-kernel...

#linux #kernel #programming #sourcecode #informationsecurity

02.12.2025 16:52 - 👍 2    🔁 0    💬 0    📌 0