@cdzeno.bsky.social

Security Researcher @nozominetworks

64 Followers  |  125 Following  |  2 Posts  |  Joined: 19.12.2023  |  1.9936

Latest posts by cdzeno.bsky.social on Bluesky

And you, what dog do you have? (continued ⬇️)
#canotipi #cani #cane #cana

23.03.2025 08:51 — 👍 49    🔁 8    💬 6    📌 2
Tutorial: unpacking executables with TinyTracer + PE-sieve In this short blog I would like to demonstrate you how to unpack an executable with PE-sieve and Tiny Tracer. As an example, let’s use the executable that was packed with a modified UPX: 8f66…

A small demo/tutorial on unpacking executables with #PEsieve and #TinyTracer: hshrzd.wordpress.com/2025/03/22/u...
- automatic OEP finding, reconstructing IAT, avoiding antidebugs and fixing imports broken by shims

22.03.2025 20:53 — 👍 29    🔁 13    💬 0    📌 0

The ESP32 "backdoor" that wasn't | Dark Mentor LLC 4 day class covering the full Bluetooth Low Energy (BLE) protocol stack from the bottom (PHY) up to the top (GATT). The core of the class is built around playing with a game application on an Android phone, talking via Bluetooth to an IoT-type piece of hardware, and analyzing the communication between them. The 4th day is focused on assessing a customized Ultra-Vulnerable Peripheral firmware, running on Zephyr RTOS, which has had vulnerabilities introduced into it which are representative of vulnerabilities found in the past across many other platforms.

I’ve posted a detailed explanation of why the claimed ESP32 Bluetooth chip “backdoor” is not a backdoor. It’s just a poor security practice, which is found in other Bluetooth chips by vendors like Broadcom, Cypress, and Texas Instruments too. https://darkmentor.com/blog/esp32_non-backdoor/

09.03.2025 12:49 — 👍 57    🔁 34    💬 7    📌 3
On Apple Exclaves Enhancing kernel isolation, one step at a time.

Great article about Apple's 🍎 Exclaves & Conclaves that provides a high-level overview and then dives into technical details implemented in XNU 👀

randomaugustine.medium.com/on-apple-exc...

10.03.2025 00:25 — 👍 11    🔁 2    💬 0    📌 0

THIS IS HUGE! Researchers at Stanford University have developed a dual-antibody treatment that remains effective against ALL SARS-CoV-2 variants by targeting a less-mutable part of the virus. This breakthrough could lead to longer-lasting therapies that OUTPACE viral evolution. 🧪🧵⬇️

09.03.2025 16:00 — 👍 29957    🔁 7882    💬 587    📌 723
Undocumented commands found in Bluetooth chip used by a billion devices The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands that could be leveraged for attacks.

Tarlogic found a "backdoor" in the ESP32 chips:
bleepingcomputer.com/news/security/undocumented-commands-found-in-bluetooth-chip-used-by-a-billion-devices

Broadcom & Cypress chips have the same HCI "backdoor" that allows writing to the Bluetooth chip's RAM. This feature is used for firmware patches.

09.03.2025 12:39 — 👍 11    🔁 2    💬 1    📌 0
Original post on infosec.exchange

The 3rd episode of our #OffensiveRust series, "Streamlining vulnerability research with #IDAPro and #Rust", is here! @raptor introduces new tools to assist with reverse engineering and vulnerability research, based on @HexRaysSA IDA and @binarly_io idalib […]

25.02.2025 06:40 — 👍 2    🔁 3    💬 0    📌 0

TP-Link (Tapo) C210 V2 cloud camera: bootloader vulnerability and firmware decryption

watchfulip.github.io/28-12-24/tp-...

#embedded #infosec

15.02.2025 12:49 — 👍 6    🔁 2    💬 0    📌 0

“Decompiling Mobile Apps With AI Language Models” by @trufae.bsky.social at @nowsecure.bsky.social www.nowsecure.com/blog/2025/01...

29.01.2025 17:54 — 👍 12    🔁 6    💬 1    📌 0

[RSS] Linux Kernel TLS Part 1


u1f383.github.io ->


Original->

20.01.2025 07:48 — 👍 1    🔁 1    💬 0    📌 0

All videos from The 38th Chaos Communication Congress (38C3) 2024:

media.ccc.de/b/congress/2...

#cybersecurity #informationsecurity #hacking #exploitation #iOS #android #apple #exploitation #reverseengineering #vulnerability

31.12.2024 17:42 — 👍 32    🔁 17    💬 0    📌 1
Example LLM prompt from “From One Thousand Pages of Specification to Unveiling Hidden Bugs: Large Language Model Assisted Fuzzing of Matter IoT Devices”

“From One Thousand Pages of Specification to Unveiling Hidden Bugs: Large Language Model Assisted Fuzzing of Matter IoT Devices”

With a focus on the Matter network protocol, walks through the process of using an LLM to transform a human-readable spec into something a fuzzer can leverage.

30.12.2024 21:17 — 👍 3    🔁 1    💬 1    📌 0

Hello new (fuzzing) followers! I haven’t done much fuzzing recently unfortunately but here’s an example of past work I’m happy to talk about: mhlakhani.com/static/pdf/F...

Still hope to get back to it one day. But for now I’m still in the security / systems space (and dabbling in AI)

24.12.2024 23:00 — 👍 9    🔁 2    💬 0    📌 0
GitHub - microsoft/markitdown: Python tool for converting files and office documents to Markdown. Python tool for converting files and office documents to Markdown. - microsoft/markitdown

Microsoft just released a tool that lets you convert Office files to Markdown. Never thought I'd see the day.

Google also added Markdown export to Google Docs a few months ago.

github.com/microsoft/markitdown

13.12.2024 20:25 — 👍 530    🔁 128    💬 24    📌 24
GitHub - fishttp/awesome-bluesky: A list of all known tools available for the Bluesky platform A list of all known tools available for the Bluesky platform - fishttp/awesome-bluesky

github.com/fishttp/awes...

30.11.2024 11:56 — 👍 139    🔁 47    💬 9    📌 2

30.11.2024 15:06 — 👍 37    🔁 12    💬 2    📌 0
sdk.blue A curated list of libraries & SDKs for the Bluesky API and AT Protocol

I'm launching a new website: sdk.blue - a list of all libraries/SDKs for building things on #ATProto, grouped by language 🙂

If I forgot anything important, or you have an ATProto/Bluesky library that you think would be a good fit there (or if I should remove anything), please send me a PR :) #atdev

21.11.2024 15:23 — 👍 904    🔁 236    💬 68    📌 15
LIEF Disassembler API based on LLVM MC

So for my first post on Bluesky, I'm happy to share that LIEF (extended) is now providing an API to disassemble code (backed by the LLVM MC layer).

This disassembler is integrated with other functionalities like dyldsc or DWARF info.

You can checkout lief.re/doc/latest/e... for the details.

23.11.2024 09:33 — 👍 29    🔁 9    💬 1    📌 1

Advanced Fuzzing With LibAFL @ Ekoparty 2024 (Dominik Maier, Ekoparty, 2024-11-15)

Slides for my @ekoparty talk "Advanced Fuzzing With LibAFL" -> docs.google.com/presentation...

15.11.2024 19:27 — 👍 44    🔁 21    💬 0    📌 1

C Harness to #LibAFL

https://github.com/v-p-b/libfuzzer_kfx/blob/main/C2LIBAFL.md

A nice part of making an archive of my Twitter posts is that I realize I wrote stuff like this o.O #fuzzing

23.11.2024 14:56 — 👍 5    🔁 3    💬 0    📌 0

Just discovered 10 memory corruption vulnerabilities in the popular Mongoose Web Server (11k stars on GitHub) by fuzzing its embedded TLS stack protocol with @aflplusplus.bsky.social. More technical details here: www.nozominetworks.com/blog/hunting...

#fuzzing #afl #vulnerability #tls

19.11.2024 18:45 — 👍 21    🔁 5    💬 2    📌 0

My DM is open if you’re interested in more technical details about the research :)

19.11.2024 18:45 — 👍 0    🔁 0    💬 0    📌 0

Physics vs. Magic xkcd.com/2904

08.03.2024 22:09 — 👍 2422    🔁 514    💬 27    📌 33

@cdzeno is following 20 prominent accounts