Craig Young
@craigtweetsPwnie winner, 2x USENIX author, InfoSec speaker/trainer, ProdSec engineer. My next event is Black Hat USA. Tweets do not reflect past or present employers.
Similar User
@joegrand
@jduck
@taviso
@CoreSecurity
@hdmoore
@0xcharlie
@securelyfitz
@WeldPond
@corelanc0d3r
@mj0011sec
@Andrew___Morris
@bsdaemon
@steventseeley
@digininja
@GuidoVranken
I just posted another example from my upcoming class. A write-up on generating a GDB Python script from Ghidra Python to enumerate attack surface in a program. medium.com/@cy1337/a-basi… This is the last week for early bird pricing, so if you want to dive deeper, sign up today!
#BHUSA Training "A Basic Guide to Bug Hunting with Ghidra" led by @CraigTweets will equip students with techniques for overcoming the unique challenges of bug hunting in closed-source binaries. Register now>> bit.ly/3UTwpeH
Check out my intro on fuzzing compiled code with AFL QEMU: medium.com/@cy1337/a-basi… This is a sneak peak of the content I'm working on for @BlackHatEvents this summer.
Just updated my @BlackHatEvents training slides with an example of decrypting Mirai config values using #Ghidra 10.3's new Emulator tool. Stay tuned for some related blogs in coming weeks after I'm done updating the class for 10.3! #bhusa blackhat.com/us-23/training…
Cybersecurity may seem like a vast field, but there are frequent chances to reconnect with old friends at conferences or while working on projects. @treguly reflects on the collaborative nature of the cybersecurity community. tripwire.com/state-of-secur… cc @craigtweets
H/T to @stryker2k2 for adapting another post into an excellent video walkthrough!
#BHUSA Training "A Basic Guide to Bug Hunting with Ghidra" led by @CraigTweets will equip students with techniques for overcoming the unique challenges of bug hunting in closed-source binaries. Register now>> bit.ly/3UTwpeH
This week's post is about unpacking a Metasploit payload with Ghidra and then resolving syscall numbers in the shellcode for easier analysis. Check it out on Medium at medium.com/@cy1337/unpack…
The dedicated emulator tool in 10.3 is also really cool! I made a short post this morning to help people get started using it with an example. medium.com/@cy1337/first-…
Ghidra 10.3 released. Come to the dark side! Dark themes officially supported. New training course materials for the Debugger. Initial Golang binary analysis for Go 1.18. Many more bugfixes and improvements. github.com/NationalSecuri…
Here is a walkthrough of writing a Ghidra Python script to find calls to potentially dangerous libc functions as the 5th in my @BlackHatEvents #BHUSA training preview. medium.com/@cy1337/vulner…
Update on my recent vuln discovery challenge: It's now containerized! Details are in my latest @BlackHatEvents #BHUSA Ghidra training blog post: Vulnerability Analysis with Ghidra Scripting at medium.com/@cy1337/vulner…
For this week's @BlackHatEvents 2023 Ghidra training preview, I've releases a vulnerability discovery challenge. It was a lot of fun making this and I hope you all enjoy hacking it! medium.com/@cy1337/vulner… #BHUSA
I've posted a walkthrough about understanding and patching a bug using Ghidra's disassembly. Please enjoy following along and I hope you'll consider joining me this summer in Vegas for my @BlackHatEvents #BHUSA Ghidra training. medium.com/@cy1337/patchi…
In our newest USENIX paper, @XoIMEX, @snachti, @marcelmaehren, @nerinola1, @ic0nz1, @JoergSchwenk, and me took a look at the TLS session ticket deployment in the wild and found diverse vulnerabilities: upb-syssec.github.io/blog/2023/sess… (1/12)
For this week's @BlackHatEvents 2023 Ghidra training preview, I've releases a vulnerability discovery challenge. It was a lot of fun making this and I hope you all enjoy hacking it! medium.com/@cy1337/vulner… #BHUSA
I've posted another Ghidra challenge in preparation for 'A Guide to Reversing With Ghidra' at #BHUSA this summer. Have a read and try for yourself at link.medium.com/jjTrhleSSyb
I've published a sneak peak of a new exercise I'll be running in my Ghidra class with @BlackHatEvents This one covers using Ghidra Debugger to analyze a sketchy lib file. Sample file included for practice, hoping someone will find the hidden URL! medium.com/@cy1337/a-guid… #BHUSA
Registration is now open for #BHUSA training. I'm looking forward to another year of teaching Ghidra in Vegas! Please come and join me if you want to get started using Ghidra for your reversing needs: blackhat.com/us-23/training…
I have a question: Why was this not found before they put that code into a release? #OpenSSL
Looking forward to being back in Toronto for @sectorca! In case you are able to make it, consider coming a little earlier and joining me to learn about Ghidra with an @BlackHatEvents training session! More info: blackhat.com/tr-22s/trainin…
This quick write-up from @elafargue on using universal radio hacker (urh) to identify an unknown signal is well worth the read. elafargue.github.io/gr-experiments…
United States Trends
- 1. Steelers 68,4 B posts
- 2. Pam Bondi 186 B posts
- 3. Myles Garrett 5.397 posts
- 4. #TNFonPrime 3.136 posts
- 5. #PITvsCLE 5.772 posts
- 6. Tomlin 7.522 posts
- 7. Jameis 15,3 B posts
- 8. Baylor 6.186 posts
- 9. Brandon Miller 4.127 posts
- 10. Russ 31,4 B posts
- 11. St. John 5.298 posts
- 12. Arthur Smith 1.617 posts
- 13. #DawgPound 4.288 posts
- 14. AFC North 3.275 posts
- 15. #HereWeGo 8.415 posts
- 16. Gaetz 955 B posts
- 17. #911onABC 27,1 B posts
- 18. Jeremy Roach 1.316 posts
- 19. Fields 46,5 B posts
- 20. Al Michaels N/A
Who to follow
-
Joe Grand
@joegrand -
Joshua J. Drake
@jduck -
Tavis Ormandy
@taviso -
Core Security
@CoreSecurity -
HD Moore
@hdmoore -
Charlie Miller
@0xcharlie -
Joe Fitz
@securelyfitz -
Weld Pond | Chris Wysopal
@WeldPond -
ς๏гєɭคภς0๔3г ([email protected])
@corelanc0d3r -
mj0011
@mj0011sec -
Andrew Morris
@Andrew___Morris -
Rodrigo Branco
@bsdaemon -
ϻг_ϻε
@steventseeley -
Robin
@digininja -
Guido Vranken
@GuidoVranken
Something went wrong.
Something went wrong.