Team Lead of PSIRT and Threat Research, TXOne Networks. Speaker at Black Hat USA, CODE BLUE, DEFCON, HITB, HITCON, S4, SECTOR. Author of Windows APT Warfare

Joined December 2013
adr retweeted
My Windows reverse engineering and exploit research workflow has been:
1. Pick a binary to research like tcpip.sys
2. Use github.com/joshterrill/post-… to automate seeing existing binary versions, download, and generate diffs from them
3. Load the resulting .binexport's and .bindiff into an LLM and ask it to analyze
4. Look up the build number of the previous Windows version that the old binary existed in from uupdump.net/ such as 26100.8328 and create a VM from it
5. Write code and test, working backwards from the LLM analysis
adr retweeted
New #TinyTracer (4.0) is ready: github.com/hasherezade/tiny_… - refactored for compatibility with the latest PIN - and with some new features!
adr retweeted
There it is! Orange Tsai (@orange_8361) of DEVCORE Research Team was able to exploit Microsoft Exchange! If confirmed, they win a whopping $200,000 and 20 Master of Pwn points. Off to the disclosure room to explain how they did it and seal the deal. #Pwn2Own #P2OBerlin
adr retweeted
HITCON 2026 — Ticket Sales Are Now Live 🚀
Ready for Taiwan’s largest cybersecurity conference? HITCON 2026 tickets are officially on sale! This year, HITCON brings together cutting-edge topics ranging from vulnerability research, offensive and defensive security, to real-world cybersecurity practices. We’re also partnering with COSCUP to launch the brand-new “HITCON OpenSource Track”, exploring even more possibilities at the intersection of open source and cybersecurity ✨
And this year, our ticket system has been upgraded — the earlier you buy, the more you save! General admission tickets are divided into multiple pricing stages: Early Bird / Regular / Late Bird / On-site, so don’t wait until the last minute if you want the best deal 🫵
【Event Information】
📍 Date: Aug 21–22, 2026
📍 Venue: Humanities & Social Sciences Building, Academia Sinica (No. 128, Sec. 2, Academia Rd., Nangang Dist., Taipei City)
【Ticket Overview】
📬 Tickets: HITCON 2026 Ticket Page: hitcon.kktix.cc/events/hitco…
🎟️ Ticket Types
1. General Admission (time-based pricing)
・Early Bird: NTD 5,000
・Regular: NTD 6,000
・Late Bird: NTD 7,000
・On-site: NTD 8,000
2. Student Ticket (NTD 2,500)
・Valid student ID required for on-site verification
3. Concession Admission for HIT Individual/Group Member
・Individual: NTD 4,800
・Group: NTD 5,400
Exclusively for Association of Hackers in Taiwan (HIT) members.
🎁 Tickets purchased before Aug. 2 will include an exclusive HITCON 2026 welcome pack (including a Badge, commemorative T-shirt, and more)
⚠️ Notes
・On-site ticket purchase will not be available; online registration only
・T-shirt sizes are “not guaranteed” for Late Bird and On-site ticket holders
・KKTIX account registration is required before purchasing tickets
The earlier you buy, the better the deal — grab your Early Bird ticket before it’s gone! 🔥
#HITCON2026 #HITCON #COSCUP2026 #HITCONOpenSource #CyberSecurity #InfoSec #OpenSourceSecurity #TicketSales #資安年會 #開源安全 #票券開賣
adr retweeted
The FLARE team now freely distributes its quality reverse engineering and malware analysis educational content at github.com/mandiant/flare-le…. Launched with:
- Malware Analysis Crash Course
- Go Reversing Reference
- Intro to TTD
The Microsoft Defender Research team has published guidance on detecting, investigating, and defending against the sophisticated CI/CD-focused supply chain compromise involving the widely used open-source vulnerability scanner Trivy: msft.it/6016QQ6wq
adr retweeted
pwn2own❌ ai2own✅
adr retweeted
An automated N-day research pipeline at PwnFuzz. Ghidra, Ollama, n8n → Diffs Patch Tuesday binaries → LLM analyzes the output → Structured vuln reports. Monthly AI-generated reports get you oriented fast!
Blog: ghostbyt3.github.io/blog/nda…
Repo: github.com/ghostbyt3/nday-au…
adr retweeted
If you are in the UK, we are looking for a principal security researcher to join the team. If you have a threat hunting or incident response background, especially if you deeply understand Entra and other Azure technologies, this may be the role for you: apply.careers.microsoft.com/…
adr retweeted
Mar 14
How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection s4dbrd.github.io/posts/how-k… #reverse
can't wait to see the blog!
Want to consume Microsoft-Windows-Threat-Intelligence but Antimalware-PPL getting you down? No problem! I will post a blog & POC soon - but this allows you to consume Threat-Intelligence without PPL _and_ w/o any kernel patching/driver loading gymnastics! Only need admin!
adr retweeted
WTF??? ChatGPT switched languages mid-sentence. Yeah, that’s my sign to log off for the day.
adr retweeted
Just published an IDA plugin: HappyIDA. Built with @h3xr4bb1t and @scwuaptx, and I’ve been using it in my daily reversing work for 1~2 years. There’s still a lot to do, but it felt like the right time to make it public, so we’re more likely to fix things (and hopefully some kind stranger will help us). It’s fancy, but not that fancy. Honestly, IDA Pro would be better if they adopted some of these ideas. There are no complex algorithms, no timeless debugger, no symbolic execution, but just a bunch of tiny features that have already helped me speed up reversing a lot. (The screenshot shows the origin of the project and the first feature I implemented: parameter labeling. @h3xr4bb1t later made it much more powerful. The SEH highlighter was made by @scwuaptx, and the SEH rebuilder was made by @h3xr4bb1t.)
github: github.com/HappyIDA/HappyIDA
adr retweeted
Abusing Microsoft Copilot: Copilot, copilot my payload *please read limitations notes on the page. It's important you read that. tl;dr inconsistent, needs more research, potential avenue to explore malwaresourcecode.com/home/m…
25 Dec 2025
Weird. With the same EXE content but "Update" in the filename, Windows will force this EXE to run UAC-elevated or not at all. Is that a necessary Windows feature? 😂
adr retweeted
Windows: Administrator Protection UI Access Shared Profile EoP project-zero.issues.chromium…
adr retweeted
17 Nov 2025
VXCON 店長 Baileys, 17 years and 7 months old, has been living at Rainbow 🌈 Bridge since last Sunday night after VXCON’s completion, with love, hugs, and winds. Sadness and sorrow are still pumping, but life must go on. The VXCON community always supports animal charities; we continue to make them happy with love. After VXCON, I want to take further action to gather funds / donations to support animal charities including 阿棍屋, taking care of elderly dogs and cats. They need more care and love. Resources are needed. If you provide donations (minimum 500 HKD, share and give us receipts), we will probably set up a member-only Discord channel to share the hardcore and latest engineering, research and hacking techniques there. I hope I can get at least 10 people to start the group. If yes, please leave a comment or PM me. Thank you very much to everyone. Baileys is our life-long VX captain 店長, and I hope we can make our animals’ lives better.
adr retweeted
12 Nov 2025
CFP for BlueHatIL 2026 is open! Submit your abstract - your time to shine starts now: microsoftrnd.co.il/bluehatil…
adr retweeted
Reversing Microsoft Defender's signatures for evasion. Deep dive into VDM guts: gzip-compressed files with no encryption, allowing entire signatures to be evaded with just a 1-byte change. Research by the RETooling crew (@DrCh40s && @t0nvi). Nicely done, chaps!
Post: retooling.io/blog/an-unexpec…
#redteam #blueteam #maldev #evasion #reverseengineering #antivirus #malwaredevelopment