Frequent verification codes may appear for non-Mainland China IP visits. If visitors are severely affected, please send [IP|ASN](|AS14618) to the bottom mailbox to add to the whitelist


2022-06-18 15:20   Handling null bytes for buffer overflows    #[email protected] #安全文章 Hello, I am reading the book Hacking: The Are of Explioitation and trying to perfrom a buffer overflow. The command that is used [email protected]:~/booksrc $ ./auth_overflow2 $(perl -e 'print "\xbf\x84\x04\x08"x10') But on my machine I have a null byte (\x00\x00\x07\xe1) therefore it does no

2022-06-13 05:03   Best approach to start mobile (Android/iOS) exploit dev ?    #[email protected] #安全文章 Hello, Im thinking about a career in mobile (Android/iOS, especially Android) security research and i would like to know what is the best way to go for it, in terms of methodology and best resources to learn from. I do have some experience with x86 Assembly and programming languages (mostly high lev

2022-06-06 00:01   i want to dive into exploit _dev ; do i need to learn Assembly language    #[email protected] #安全文章   submitted by   /u/Doom_Guy777 [link]   [留言]

2022-06-01 01:47   Questions about responsible disclosure    #[email protected] #安全文章 I just found my first few vulnerabilities in a real world target, and I realize I don't really know how to properly disclose them to the vendor. The target is close source and it is a relatively large vendor so it isn't really clear how I should contact them. Any advice or standards about how I can

2022-05-31 23:04   Exploit Development Resources    #[email protected] #安全文章 Share and Support!   submitted by   /u/saqfi [link]   [留言]

2022-05-29 20:59   Heap BINARY EXPLOITATION w/ Matt E! (Tcache Attack)    #[email protected] #安全文章   submitted by   /u/soupcreamychicken [link]   [留言]

2022-05-25 03:53   Multiple vulnerabilities in radare2    #[email protected] #安全文章   submitted by   /u/soupcreamychicken [link]   [留言]

2022-05-24 16:22   Malware Campaign Targets InfoSec Community: Threat Actor Uses Fake Proof of Concept to Deliver Cobalt-Strike Beacon    #[email protected] #安全文章   submitted by   /u/soupcreamychicken [link]   [留言]

2022-05-17 00:53   API Security Offence and Defence: Introduction to API    #[email protected] #安全文章   submitted by   /u/cybersocdm [link]   [留言]

2022-05-16 09:51   I'm new to binary exploitation and my interest lie in security for IOT devices. I need suggestions on what I should learn    #[email protected] #安全文章 I already know I should learn C, read shellcoders handbook, ik some CTF's but idk if they're good for IOT. What I aim is to not waste any effort learning unnecessary info and most importantly to start of with something really basic and easy. Can you guys suggest me where to begin, which CTF's I shou

2022-05-14 07:44   Hacking: The Art Of Exploitation    #[email protected] #安全文章 When studying from this book, am I supposed to learn how every code sample works from scratch or only copy paste it and learn about its purpose and functions from the author? So far I've been rewriting every sample from scratch and making sure I'm understanding it, but at the same time I'm moving to

2022-05-09 13:52   Fuzzing    #[email protected] #安全文章 Hello all, I'm new into exploit development and I was wondering what common tools are used to fuzz gui applications. All the tutorials I have seen are used to fuzz command line applications. Thanks.   submitted by   /u/PuzzledWhereas991 [link]   [留言]

2022-05-05 19:24   which target to pick after learning basics of binary exploitation? if there is any bug bounty ? sorry if it's lame question    #[email protected] #安全文章   submitted by   /u/Traditional-Cloud-80 [link]   [留言]