hasherezade
@hasherezade
Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
My new blog for Check Point Research - check it out! 💙 // #ProcessInjection : #WaitingThreadHijacking
Thread Execution Hijacking is one of the well-known methods that can be used to run implanted code. In this blog we introduce a new injection method that is based on this classic technique, but much stealthier - Waiting Thread Hijacking. Read More : research.checkpoint.com/2025/waiting-t…
BREAKING: ChatGPT CEO Sam Altman says people share personal info with ChatGPT but don’t know chats can be used as court evidence in legal cases.
Chat, I don't wanna brag, but Black Mass Volume III is going crazy - Number 1 best-seller on Amazon (trending). We managed to pass the "Cybersecurity for Seniors" series - Insane amounts of cash flowing in. We might buy a Porsche or two from the sales
Black Mass Volume III is available for free as a PDF and for sale as a physical copy on Amazon. Locations available: US, UK, DE, FR, ES, IT, NL, PL, SE, JP, CA, AU. Subsequent post contains the US Amazon link. Use your country's Amazon domain to buy the book.
We are very happy to announce the nominees for the 2025 Pwnie Awards! As a reminder, we will be presenting the winners at DEF CON this year. Saturday the 9th, 10:00AM Main Stage. Hope to see you there! docs.google.com/document/d/1fy…
LitterBox just hit 1,000 ⭐️ on GitHub happy to see it being used by both red and blue teams! Huge thanks to everyone who starred, forked, or shipped a PR! #maldev #redteam #infosec github.com/BlackSnufkin/L…
I'm happy to announce that @HyperDbg v0.14 is released! This version includes HyperEvade (beta preview), fixes Win11 24H2 compatibility issues, and adds multiple timing functions to the script engine (Special thanks to @0Xiphorus). Check it out: github.com/HyperDbg/Hyper… (1/3)
Capturing passwords from Password Managers via a BOF without using CTRL+C... Successfully tested on 1Password and KeePass.
💥 CERT-UA published a report on a malware powered by an LLM. The malware uses Qwen 2.5-Coder-32B-Instruct via the HuggingFace API to generate and execute commands on infected systems. It is a Python script that embeds prompts to dynamically craft Windows reconnaissance…
Using the UnpacMe byte-search IDA plugin we found some Scavenger related malware dating back to October 2024. At the time the malware was dubbed ExoTickler. Analysis follows...
Part 4 of the Buffer Overflow series has been posted! In today's writeup, we learn how to create a decoder stub, introduce an obligatory nop sled, and use memcpy to copy the encoded shellcode to our newly created memory region using VirtualAlloc 😺 g3tsyst3m.github.io/binary%20explo…
Hey all! As promised, here's the in-depth analysis @JershMagersh from @InvokeReversing and I did of the malware strain that's been spreading through NPM in the last few days following a successful phish. We present to you: Scavenger. c-b.io/2025-07-20+-+I…
Bypassing AMSI with your own custom COM interfaces inside CLR process - an excellent piece by Joshua Magri (@passthehashbrwn). The custom implementation allows allocating and loading assemblies from memory and invoking the Load_2() method instead of the typical call to Load_3(). This…
📣 IDA 9.2 Beta is here! This release is packed with UI upgrades, smarter analysis, and expanded architecture support. ➥ Already a Beta user? Grab it now. ➥ Not enrolled? Sign up today. eu1.hubs.ly/H0lS6nv0
My fav platform #ANYRUN just made TI Lookup free for everyone. It provides live attack data that helps SOC teams cut response time, improve decision-making, and lower business risk. intelligence.any.run/analysis/lookup I get real malware samples, behavioral context, and TTPs - all in one…
DJI drone security analysis: reverse engineering communication, firmware extraction, and fuzzing for vulnerabilities. 𖥂🎮 ၊၊||၊ 💥 More details on: LinkedIn: linkedin.com/posts/dlaskov_… Substack: it4sec.substack.com/p/dji-drone-se…
New blog post: UCPD.sys – UserChoice Protection Driver Part 2: kolbi.cz/blog/2025/07/1…
I'm pleased to announce a new version of the Rust bindings for @HexRaysSA IDA Pro! With: - Improved strings, metadata, and core APIs - Support for the name API Thank you to @0xdea & @williballenthin for contributing! Docs: idalib.rs Code: git.idalib.rs