infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

DDEEAATTHHMMEETTAALL from Escuela Grind

https://escuelagrind.bandcamp.com/album/ddeeaatthhmmeettaall
this post | permalink
@devils_eggcorn I do tell profanities to some kiosks though
this post | permalink
[SkelSec @ X] Psst! Hey you! yeah I see you struggling with exfiltrating vhdx files you found on that public SMB share over a HTTP tunnel. What if I told you there is a better way? You can browse remote disk images with this project and only download what u need!

https://github.com/skelsec/adiskreader
this post | permalink
[Alex Plaskett @ X] RT by @alexjplaskett: Exploiting a vulnerability in the Chrome's V8 engine and escaping the sandbox using Liftoff assembly

https://retr0.zip/blog/abusing-Liftoff-assembly-and-efficiently-escaping-from-sbx.html
this post | permalink
[DebugPrivilege @ X] RT by @DebugPrivilege: Part 1 of my blog series on debugging the Windows hypervisor and secure kernel

https://www.asset-intertech.com/resources/blog/2024/01/jtag-debug-of-windows-hyper-v-secure-kernel-with-windbg-and-exdi-part-1/
this post | permalink
[DebugPrivilege @ X] I did a write-up of an analysis related to an Application Crash that was triggered by Windows Error Reporting, which was caused by a Cobalt Strike Beacon. The write-up contains different debugging techniques and fancy regular expressions :)

https://github.com/DebugPrivilege/InsightEngineering/tree/main/Debugging%20Case%20Studies/Debug%20Case%20Study%3A%20Analyzing%20AppCrash%20of%20Cobalt%20Strike%20Beacon
this post | permalink
[RSS] Fuzzing Ruby C Extensions with Coverage and ASAN

https://z2-2z.github.io/2024/jan/16/fuzzing-ruby-c-extensions-with-coverage-and-asan.html
this post | permalink
[RSS] Why The iPad Doesn’t Have A Calculator

Easy: iPads can%27t be pwned this way

https://hackaday.com/2024/01/14/why-the-ipad-doesnt-have-a-calculator/
this post | permalink
CVE-2023–50220 - Inductive Automation Ignition XML Deserialization to RCE

https://petrusviet.medium.com/cve-2023-50220-inductive-automation-ignition-xml-deserialization-to-rce-7b395412c6cf
this post | permalink
SRC-2024-0001 : Trackplus Allegra Service Desk Module UploadHelper upload Directory Traversal Remote Code Execution Vulnerability

https://srcincite.io/advisories/src-2024-0001/

"First bug for 2024 and first (public) targeted exploitation of CVE-2023-50164/S2-066 Apache Struts File Upload RCE! Thats 10 years of VR with public disclosure!" - https://twitter.com/steventseeley/status/1746761587942453494
this post | permalink
Next Page