Talvez você curta
So the challenge i wrote for @PotluckCTF introduced a new heap house (which I shamelessly dubbed "house of water" after my two teams), and a general technique I dubbed "safe link double protect". Both are now available here: github.com/shellphish/how… github.com/shellphish/how…
Made a fun little heap challenge for #37C3 @PotluckCTF called Tamagoyaki. It features a fun way to bypass protect_ptr without a leak I discovered while exploiting a bug. It only got one solve during the CTF, so made a writeup: github.com/UDPctf/CTF-cha…
We really should be talking about this more....KASLR is just not working properly on Android right now, and it hasn't for a long time. googleprojectzero.blogspot.com/2025/11/defeat…
I'm pretty excited about this (POE2 in particular)! It's basically what we've been preparing for with the PKEY-based hardware sandboxing prototype for V8 (docs.google.com/document/d/1l3…)
More HW security goodness from Arm: community.arm.com/arm-community-… vMTE (Virtual Memory Tagging) allows to use MTE in a more flexible way, consuming less RAM. POE2 allows to build efficient in-process sandboxes and isolation. More-or-less improvement over x86 Memory Protection Keys.
Guess you could say they were Unsat :^)
Planning a CTF? We're here to support organizers with proven expertise and a commitment to quality challenges. Apply here: dfsec.com/ctf-support
It's so over
First mention of x86 memory tagging (aka MTE) by both Intel and AMD (codename ChkTag): community.intel.com/t5/Blogs/Tech-… amd.com/en/blogs/2025/… 🤘🤘🤘
Check out our newest blog about how we took advantage of a WebGPU feature to turn an integer underflow bug into an arbitrary read in Chrome’s WebGPU. This bug was fixed by Google long ago, but our ticket is still restricted. qriousec.github.io/post/oob-angle/ by @lanleft_ + @__suto
so excited to finally share something I’ve been working on alongside many brilliant colleagues. MTE will truly raise the bar for memory safety. security.apple.com/blog/memory-in…
🥈 Thrilled to nab 2nd as Blue Water, teamed up with @perfect_blue at DEFCON CTF Final 33! 🙌 Congrats to @mmm_ctf_team for their 4th straight 1st 💪 We’re gunning for the crown next year! Join our crew to make it happen! DM us or drop us an email! 🚀 #DEFCON #CTF
Getting 2nd place in Defcon finals for the third year in a row has triggered the great depression for the team xd
Mini Writeup of CVE-2025-6554. POC by @DarkNavyOrg. All errors in writeup my own. gist.github.com/mistymntncop/3…
Finding exploitable browser bugs during exam season sucks. Makes it very difficult to focus on studying when constantly thinking of the bug 🫠
🚨🚨🚨We just broke everyone’s favorite CTF PoW🚨🚨🚨 Our teammate managed to achieve a 20x SPEEDUP on kctf pow through AVX512 on Zen 5. Full details here: anemato.de/blog/kctf-vdf The Sloth VDF is dead😵 This is why kernelCTF no longer has PoW!
anemato.de
Beating the kCTF PoW with AVX512IFMA for $51k
PoW is gone 🦀🦀
My writeup for CVE-2024-7971. Just a POC. Let me know if u have any questions. github.com/mistymntncop/C…
Another year and we're still looking for exceptional talent that are looking to join an amazing research team and contribute to the story we're writing @dfsec_com, if you're interested or just curious about it, I'll be @offensive_con and available to chat :)
V8 is leaving the Sea-of-Nodes Turbofan compiler for the shores of CFG, read all about it in my colleague's blog post: v8.dev/blog/leaving-t…
United States Tendências
- 1. #DWTS 41.7K posts
- 2. Northern Lights 15.3K posts
- 3. Andy 58.2K posts
- 4. #Aurora 3,410 posts
- 5. Elaine 45.3K posts
- 6. Robert 97K posts
- 7. #RHOSLC 5,010 posts
- 8. Dylan 30.2K posts
- 9. #WWENXT 13.1K posts
- 10. Louisville 11K posts
- 11. Whitney 8,366 posts
- 12. Alix 8,905 posts
- 13. Kam Williams N/A
- 14. Kentucky 21.3K posts
- 15. Xochitl 3,256 posts
- 16. #DancingWithTheStars 1,002 posts
- 17. Meredith 3,403 posts
- 18. Carrie Ann 1,679 posts
- 19. Oweh 1,135 posts
- 20. Pope 25.2K posts
Talvez você curta
Something went wrong.
Something went wrong.