infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[RSS] Learn Assembly the FFmpeg Way

https://hackaday.com/2025/02/23/learn-assembly-the-ffmpeg-way/
this post | permalink
@sassdawe Defender usually chokes IO. Are you sure you get up-to-date results (considering you can't use the system otherwise, perf/GUI updates may be late too)?
this post | permalink
[RSS] Linux Kernel Some Vsock Vulnerabilities Analysis

https://u1f383.github.io/linux/2025/02/24/linux-kernel-some-vsock-vulnerabilities-analysis.html

Analysis of CVE-2025-21669, CVE-2025-21670 and CVE-2025-21666
this post | permalink
How have I not heard about https://wtrace.net before?!

#ReverseEngineering #Windows
this post | permalink
[RSS] Exploiting LibreOffice (CVE-2024-12425 and CVE-2024-12426)

https://codeanlabs.com/blog/research/exploiting-libreoffice-cve-2024-12425-and-cve-2024-12426/
this post | permalink
My RSS notified me about this interesting #ReverseEngineering tool, but when I opened the repo
- It included a README and a **.zip**
- The URL was written like this: https:\\www.exetools[.]net (surprisingly, it did even work in my browser!)

Absolutely barbaric!
this post | permalink
@noctivius "get some practice with using tools and memorizing commands" - Spot on! IME people who "grew up" with these labs are too much focused on these skills, while this is the easy part of the job. The hard part is to find where to dig.
this post | permalink
I just read this (now deleted) question on Reddit:

"Wich One İs better Hack the box Or Try Hack me?" (sic!)

This may be unpopular, but IMO
1) Nothing beats building your own environments, as you'll learn *how* the stuff works and *why* misconfigs happen.
2) Real targets rarely have as limited attack surfaces as these lab machines. A crucial skill is to filter the data you get from initial scans (IIRC OSCP labs were more realisting in this aspect).

#TryHackMe #HackTheBox #pentest #training
this post | permalink
[RSS] Spice86: Reverse engineer and rewrite real mode DOS programs

https://github.com/OpenRakis/Spice86
this post | permalink
[RSS] From Zero to Emo - My Journey of Many Failures in kernelCTF

https://u1f383.github.io/linux/2025/02/21/from-zero-to-emo-my-journey-of-many-failures-in-kernelCTF.html
this post | permalink
Next Page