infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host to save the items from my own feeds to the Wayback Machine and to provide in-links for search engines. I hate that I have to do this, but the nonsense ideology of Mastodon pretty much ruined the search feature for the Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other people's published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

@wirepair It's not the same unfortunately. I follow some reddits that provide an article feed, but Twitter has been valuable for expert analysis that doesn't make it to articles/proper blogs.
Some pretty decent observations here:

#pentesting

https://assume-breach.medium.com/im-not-a-pentester-and-you-might-not-want-to-be-one-either-8b5701808dfc
[DebugPrivilege @ X] I did two write-ups about ETW. The first one will cover how to capture an ETW trace and covers a case-study using the WinInet provider to analyze Cobalt Strike. The second one covers how EDR are using the DotNetRuntime ETW.

https://github.com/DebugPrivilege/InsightEngineering/tree/main/Debugging%20101/Section%208%3A%20Introduction%20to%20WPT/WPA%20Review%20-%20How%20to%20capture%20ETW%20trace%3F

https://github.com/DebugPrivilege/InsightEngineering/tree/main/Debugging%20101/Section%208%3A%20Introduction%20to%20WPT/WPA%20Review%20-%20CLR%20Module%20Load%20Events
PowerShell: Implements proper tab-completion

Also PowerShell: establishes prefixed naming conventions so tabbing any command prefix results in a gazillion candidates
[DebugPrivilege @ X] RT by @DebugPrivilege: Official WinDBG TTD Live Recording API has arrived. Load TTDLiveRecorder.dll and call APIs from within the traced process. Add custom metadata and events. The docs aren't really indexed, well, here's a link to the interface docs for the LiveRecorder

#TimeTravelDebugging #reverseengineering #windbg

https://github.com/microsoft/WinDbg-Samples/blob/master/TTD/docs/TTDLiveRecorder.h/interface-ILiveRecorder.md
"Do you wish Time Travel Debugging was faster and more lightweight? Our latest version lets you decide exactly what you want recorded! Select modules to record or use the API for full control. Get your recording just the way you like it. Crusts optional."

#TimeTravelDebugging #reverseengineering #windbg

https://learn.microsoft.com/en-us/windows-hardware/drivers/debuggercmds/time-travel-debugging-overview

Source: https://twitter.com/KensyAtMS/status/1751038723196649967
With Nitter dying it's very unlikely I'll be able to funnel news from the birdsite anymore.

#infosec Fedi must get their shit together, because it's clear that a significant chunk of relevant content simply doesn't show up here.

Share knowledge. Make it discoverable.

Reposts appreciated!
I guess I have to add another item to my "reflective XSS exploited in the wild" list (still less than 5 elements though)

https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/
[dmnk@infosec.exchange @ X] RT by @domenuk: I know I'm late for Christmas presents but I've added dynamic instrumentation filtering to AFL++. You can now select which parts of the (llvmnative) instrumentation you want to use at runtime, without rebuilding

https://github.com/AFLplusplus/AFLplusplus/tree/dev/utils/dynamic_covfilter
[blasty @ X] R to @bl4sty: here's a little look behind the scenes. the Autel EV charger is remotely puppeteered through a RPi over SSH. The android phone was used to develop some BLE exploits because pybluez is hard/flaky (apparently). The camera-tiewrapped-to-a-selfiestick was used to stream the display.

https://twitter.com/bl4sty/status/1750872852063035872