Tweetovi

	Alexandre Borges @ale_sp_brazil	14 h
	Odgovor korisniku/ci @matalaz I'm not sure whether it is your case, but the Python I/O library on Windows systems suffers serious performance problems according to my experience. Thus, you should try to reduce excessive I/O operations (if it is possible).
	Prikaz razgovora ·

	Alexandre Borges @ale_sp_brazil	22 h
	Odgovor korisniku/ci @wolfcod @joehowwolf Nothing. My tweet was an "educational" one. Personally, I like and use mailslot, but many people don't know on it (I am not sure about the reasons...) and, during analysis, some analysts might face problems. I agree with @joehowwolf 's opinion: maybe it is underused.
	Prikaz razgovora ·

	Alexandre Borges @ale_sp_brazil	23 h
	Pay attention when a malware is using Mailslots (similar to named pipes) for local communication on Windows: Mailslot Server (App. Client): CreateMailslot( ) + ReadFile( ) Mailslot Client (App. Server): CreateFile( ) + WriteFile( ) #reversing #security #malware pic.twitter.com/ylXRcfeGut
	Prikaz fotografije ·

	Alexandre Borges @ale_sp_brazil	23 h
	(interesting) Keeping Windows Secure: (PDF) github.com/dwizzzle/Prese… #microsoft #security #exploitation #fuzzing #windows pic.twitter.com/n6pXA7DqSQ
	Prikaz fotografije ·

	Alexandre Borges @ale_sp_brazil	4. velj
	Few malware authors have been using thread's ownership changing to try to make analysis harder: void function2(std::thread x); .... std::thread function3(function1( )); function2(std::move(function3( )); #malware #reversing #programming #security pic.twitter.com/FhpO92G4Dt
	Prikaz fotografije ·

	Alexandre Borges @ale_sp_brazil	4. velj
	EmoCheck: Emotet detection tool for Windows OS github.com/JPCERTCC/EmoCh… #emotet #malware #tool #security
	Prikaz sažetka ·

	Alexandre Borges @ale_sp_brazil	1. velj
	Developers have exploited the Samsung Galaxy S9 and Note 9 to get root access on the Snapdragon models: xda-developers.com/samsung-galaxy… #android #rooting #security
	Prikaz sažetka ·

	Alexandre Borges @ale_sp_brazil	31. sij
	(interesting write-up) Introduction to SpiderMonkey exploitation: doar-e.github.io/blog/2018/11/1… #reversing #exploitation #security pic.twitter.com/HlqNWRPqSU
	Prikaz fotografije ·

	Alexandre Borges @ale_sp_brazil	31. sij
	American Fuzzy Lop plus plus (afl++): afl++ is afl 2.56b with community patches, AFLfast power schedules, qemu 3.1 upgrade + laf-intel support, MOpt mutators, InsTrim instrumentation, unicorn_mode and a lot more! github.com/vanhauser-thc/… #fuzzing #security #exploitation
	Prikaz sažetka ·

	Alexandre Borges @ale_sp_brazil	30. sij
	People have asked whether learning about MacOS or Android reversing is worth? Yes, it's. Mobile reversing is my daily job and you should choose one of them and go forward. Official documentation is your first stop: Apple: developer.apple.com/documentation/ Android: developer.android.com/docs
	Prikaz sažetka ·

	Alexandre Borges @ale_sp_brazil	30. sij
	Obfuscapk: A black-box obfuscation tool for Android apps github.com/ClaudiuGeorgiu… #android #obfuscation #reversing #security #mobile
	Prikaz sažetka ·

	Alexandre Borges @ale_sp_brazil	26. sij
	GDA is a Dalvik bytecode decompiler written entirely in c++: github.com/charles2gan/GD… #android #security #reversing #decompiler #cpp #bytecode
	Prikaz sažetka ·

	Alexandre Borges @ale_sp_brazil	23. sij
	Micropatching a Workaround for CVE-2020-0674: blog.0patch.com/2020/01/microp… #patch #windows #cve #iexplorer
	Prikaži podatke ·

	Alexandre Borges @ale_sp_brazil	21. sij
	Automatic ROPChain Generation: github.com/d4em0n/exrop #exploitation #rop #reversing #triton #security
	Prikaz sažetka ·

	Alexandre Borges @ale_sp_brazil	18. sij
	No doubts, a quite interesting presentation from @ilfak about the decompiler internals: youtube.com/watch?v=T-YkhN… #decompiler #reversing #idapro #decompiler
	Prikaži podatke ·

	Alexandre Borges @ale_sp_brazil	14. sij
	(excellent -- by Steven Seeley @steventseeley) Busting Cisco's Beans :: Hardcoding Your Way to Hell: (write-up) srcincite.io/blog/2020/01/1… PoC 1: srcincite.io/pocs/cve-2019-… PoC 2: srcincite.io/pocs/cve-2019-… PoC 3: srcincite.io/pocs/cve-2019-… #cve #cisco #exploitation
	Prikaži podatke ·

	Alexandre Borges @ale_sp_brazil	14. sij
	(remember) Application -> DeviceIoControl( ) (on thread 1) -> Dispatch Routine (by I/O Manager) -> Target Driver -> Device --> Interrupt (done) -> ISR (any thread context) -> DPC (any thread context). It is NOT possible to know the thread context for ISR and DPC in advance ;)
	Prikaži podatke ·

	Alexandre Borges @ale_sp_brazil	13. sij
	Sharing a PCAP with Decrypted HTTPS: netresec.com/?page=Blog&mon… #security #malware #c2 #decryption #DoH pic.twitter.com/1w1n6GskJh
	Prikaz fotografije ·

	Alexandre Borges @ale_sp_brazil	12. sij
	The BLAKE3 cryptographic hash function: github.com/BLAKE3-team/BL… #crypto #security #hashfunction pic.twitter.com/879RCSP5S5
	Prikaz fotografije ·

	Alexandre Borges proslijedio/la je tweet
	Florian Roth @cyb3rops	11. sij
	I've created a special branch of my Fenrir IOC scanner to detect traces of activity exploiting #Citrix #Nescaler CVE-2019-19781 - we use strings that appear in XML & log files - please verify Fenrir branch github.com/Neo23x0/Fenrir… Report by @TrustedSec trustedsec.com/blog/netscaler… pic.twitter.com/tSvmEYWw8j
	Prikaz fotografije ·