@steven_rossi_ and I taught a course on Binary Exploitation and Vulnerability Analysis at UMass Amherst for the past 2 years. After this semester's offering we decided to open source all course material including lecture vods, slides, and projects.
https://t.co/xzadGh9tJy
Excited to share my latest blog post: "Breaking Control Flow Flattening: A Deep Technical Analysis"
I showcase usage of formal proofs and graph theory to automate CFF deobfuscation, among other things !
Might make it a talk...? 👀
https://t.co/iWoP9GeZhX
A few months back we submitted two exploit chains to the first ever Pwn2Own Automotive competition.
We just released a blogpost (part 1 of 2) detailing the bugs we abused to remotely exploit the Phoenix CHARX industrial EV charger and win $60,000 🔥🔥
https://t.co/HmRCIzJm0E
We are pleased to announce our third annual UMassCTF, UMassCTF2024, is coming up soon! From April 19th @ 6pm EST to April 21st @ 6pm EST, we will be hosting the competition at https://t.co/NBcWckVmvo. Join our discord server for more information at https://t.co/qYptGwSGon.
Fuzzing is preferred over formal verification because proving the absence of bugs is usually unattainable, and fuzzing identifies the same bugs with less effort. https://t.co/x9Bc2ucwza
After 2 years here's a new blog post:Fuzzing TinyBMP in Rust||From dumb to structure-aware guide.If you're new-ish to Rust and want to dive in and see how you can play w dumb and smart fuzzing give it a try! Shouts to @addisoncrump_vr for the massive help! https://t.co/U9cIwdecEj
starting a new fuzzer project on the blog that is based on an old @gamozolabs idea. in the first post, we load a statically built Bochs emulator ELF into our fuzzer process and execute it. there is some code and the humble beginnings of a repo. lets gooo https://t.co/MrJEAHHO5E
Massively proud of the @InterruptLabs crew. Even with an extremely unlucky draw order and a certain vendor playing games we’ve landed joint 3rd out of 30 teams
@0xTib3rius I would argue that they really do not care much about security or positively interacting with researchers, and their pwn2own practices are just further proof of that, no matter what their pr team tries to publicly say.
@0xTib3rius They completely ignored the email and then proceeded to silently release an attempted fix to the bug. Unfortunately their solution to an LFI bug was to just stop a a filestring starting with `./` so it could still be trivially bypassed.
PASTA is the culmination of years of work trying to wrangle reliable and actionable data out of Clang. The effort has required a lot of hacking and custom patches to Clang, especially in the preprocessor, but the results speak for themselves.
SeungHyun in our lab found critical vulnerbilities in vm2, which is a well known JavaScript sandbox. Unfortunatetly, these bugs cannot be fixed without changing its whole sandboxing strategy. So now vm2 becomes DEPRECATED 😳😳😳
A new blog post about 3 vulnerabilities I found in the Kanboard Management Software with over 10 million downloads and how a user could've spread malicious tasks across all the projects, enjoy!
https://t.co/L21TpBH1D5