Top Tweets for #patchdiffing
رشتو: در این برنامه قراره در خصوص تکنیک #PatchDiffing روی Patchهای #مایکروسافت صحبت و از دو ابزار #Bindiff و #Diaphora استفاده کنن. همچنین نشون میدن که چطوری #هوش_مصنوعی میتونه این فرایند رو ساده تر کنه.
این برنامه ساعت 21:30 شروع میشه.
#AI #PatchTuesday
Join me this Friday at 11AM on the next @offby1security stream where I will diff a Microsoft patch from this year and see how far we get. We'll use tools like BinDiff and Diaphora and look at the process of determining the vulnerability.
https://t.co/35utmhoHVB
Hot of the #ghidriff #patchdiffing press for May 2025 we have CVE-2025-32701 clfs.sys #exploitedinwild🔥
2 functions modified with relevant changes 🧐
A new flag restricting an IoCreateFileEx call, impacting object ref/deref behavior #UAF 🤔👀
در این ویدیو از @LowLevelTweets آسیب پذیری CVE-2024-11477 در 7zip رو بررسی کردن.
از بررسی کد شروع شده تا #PatchDiffing و #فازینگ و ...
نهایت به چیزی که رسیده: آسیب پذیری قابلیت اکسپلویت شدن رو داره و هکرها در شرایطی میتونن از سیستم قربانی شل بگیرن.
https://t.co/Emkm5x9n5y
آسیب پذیری با شناسه CVE-2024-11477 در #7zip اصلاح شده که امکان اجرای کد دلخواه رو به مهاجم میده.
آس��بپذیری در Zstandard Decompression و از نوعinteger underflowهستش.
نسخه اصلاح شده : 24.07 به بالا
توسط ترندمیکرو و در 23 خرداد گزارش شده.
آسیب پذیری از چند جهت میتونه مهم باشه:
Exploiting Microsoft Kernel Applocker Driver (CVE-2024-38041) #MicrosoftKernelCVE #CyberSecurityServices #PatchDiffing #ExploitationProcess #RootCauseAnalysis https://t.co/oAPFdgAdz0
CVE-2024-22263: Spring Cloud Dataflow Arbitrary File Writing #SpringCloudDataflow #ArbitraryFileWriting #PatchDiffing #StaticAnalysis #LabSetup https://t.co/UYhnFjkoxT
jumping on the CVE-2024-38063 tcpip.sys train...🚂can't resist.. just need to figure out the right packet... 🤓
#patchdiffing #CVE #RE #ghidriff
https://t.co/8JNK2LTO97
Hot of the #ghidriff #patchdiffing press for April 2024 we have CVE-2024-26219 in HTTP.sys 🔥
MSRC just started publishing CWE info! For this CVE we have a "CWE-476: NULL Pointer Dereference" 👀
See if you can find it 🧐
Hint: "UxLastMdlChunkNullFix"
https://t.co/bDQX9gGCeG
Join @clearbluejar @1ns0mn1h4ck 2024 for "Patch Different on *OS". Check out this quick talk teaser video for a quick demo of some of the content! #INSO24 #Insomnihack #patchdiffing #apple https://t.co/lwmLkhrHgo
🔍✨ #patchdiffinthedark to step into the light. Latest VR/RE course led by @clearbluejar at #BHUSA. Root cause the latest CVEs with Ghidra. 2 offerings Sat/Sun or Mon/Tue. Early bird rates end May 24. #patchdiffing @BlackHatEvents
https://t.co/pYBuSQaIsh
hello 2024!
Hot off the #ghidriff #patchdiffing press we have the January 9, 2024—KB5034122 Windows 10 22H2 x64 kernel update ...
https://t.co/Rks8aFt5zV 🔥
Side by side view is here: https://t.co/Qxqb6Xd6nO 👀
This month the kernel fixes include CVE-2024-20698 ... as there are not too many changes, perhaps we find the root cause?
Take at look this function... https://t.co/C3PDrSYlzs 🧐
Hint: It rhymes with "vintager afterglow".
Also! This diff is testing out an upcoming ghidriff feature.. check out the new callgraph.
https://t.co/cCLBcvprMI
Hot off the #ghidriff #patchdiffing press, we have the December Windows 11 22H2 x64 kernel security update KB5033375: https://t.co/JnLRgXY8rw 🧐
Side-by-side view here: https://t.co/roqeZNLNNB
Hot off the #ghidriff #patchdiffing press we have November's Windows 11 22H2 x64 kernel update KB5032190:
https://t.co/BGVpQ9C8Nt 🧐
Side by side view is here: https://t.co/Wzcz4oJ8aV 👀
ghidriff v0.5.1 - usability updates, improved automated testing , and bug fixes 🪲
- github workflows now test a matrix of devcontainers across versions of python, Ghidra, and Java 🔥
https://t.co/01BzoLVGvL
#patchdiffing #ghidra #githubactions
Hot off the #ghidriff #patchdiffing press we have October's Windows 11 22H2 kernel Update KB5031354...
https://t.co/eOuKJVmGAz 👀
Just about finished with slides for my #patchdiffing workshop @reconmtl... Join me on Friday or Saturday to learn how to "Patch Diff In The Dark" #REcon2023
https://t.co/95KA2wUYni
CVE-2022-34718 patch diffing, root cause analysis and exploit PoC
Writeup by @chompie1337
https://t.co/ZDEOVqMEVD
#windows #patchdiffing #infosec #cybersecurity
Very well written #Windows #patchdiffing and #nday #exploitation walkthrough ✊
Dissecting and Exploiting TCP/IP RCE #Vulnerability EvilESP (CVE-2022-34718)
// by Valentina Palmiotti
https://t.co/CI1aJpnUj1
#Patchdiffing with #ghidra can be more of an art than a science. Ideally, the correlators have done their work, and all the analyst has to do is review the identified changes, additions, and deletions. https://t.co/dwOr7QxVdW
#Patchdiffing - “When we take the patched version and the unpatched version, and we run it through a tool that shows us the differences,” Zach Hanley.
This is an attacker’s perspective, one that’s invaluable to understanding change and solving problems. https://t.co/aGBppOfKE1
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers