@theXappy profile picture
Xappy @theXappy
Joined October 2019
  • Tweets 594
  • Following 627
  • Followers 144
107 Photos and videos
Pinned Tweet
Xappy@theXappy
26 Jan 2024
I figured out a generic way to generate those polyglots! Introducing: bppb! github.com/theXappy/bppb This PoC takes 2 files, a bplist and a protobuf, and merges them into one unholy abomination. #bplist #protobuf #polyglot #dfir #digitalforensics
Xappy@theXappy
10 Jan 2023
Annoyingly, I created a bplist-protobuf polyglot. This one is a valid protobuf containing 2 LengthValues in an array. As a bplist, it's a dictionary with 2 Key-Value-Pairs. Hex here: pastebin.com/d4Vva8aV #DFIR #MobileForensics #DigitalForensics
2
14
2,098
Happy tokens apocalypse to those who celebrate 🤖
6
Xappy retweeted
_SiCk
@encrypted_past
May 30
Vendors Added: GL.iNet Hikvision Dahua Not all of them encrypt, but nice to have. tpbreak.afflicted.sh
4
66
287
22,737
Xappy retweeted
Dimitri Os@Ch0pin
May 29
IRIS (Intent Runtime Inspection System) is my attempt at building a Burp Suite for Android intents :) . Give it a spin and let me know what breaks, what’s missing, and what you’d like to see next: github.com/Ch0pin/iris Demo here: youtube.com/watch?v=uU-f2zVZ…

GitHub - Ch0pin/iris: Intent Runtime Inspection System

Intent Runtime Inspection System. Contribute to Ch0pin/iris development by creating an account on GitHub.

github.com
1
10
35
2,105
Playing with the Lara semi-jailbreak
1
46
Finally got my "A9 Pro" (AirPods knockoff) to spit out debug output over UART. I opened up the case but eventually found out the UART pin is accessible via USB-C's A5/B5 pin. Oh well.
1
1
53
This repo by @atc1441 was helpful github.com/atc1441/Bluetrum_…

GitHub - atc1441/Bluetrum_AB5682_Hacking: Collection of infos and Parts for the Bluetrum AB5682...

Collection of infos and Parts for the Bluetrum AB5682 Used inside Cheap Chinese BLE Gadgets - atc1441/Bluetrum_AB5682_Hacking

github.com
34
Xappy@theXappy
22 Nov 2025
Beautiful view for this Saturday
37
Xappy retweeted
8kSec
@8kSec
12 Nov 2025
💡Understand how ROP can be used to bypass security defenses and execute code on ARM64 devices in Part 3 of our ARM64 Reversing and Exploitation Series: 8ksec.io/arm64-reversing-and… 📥Want to strengthen your ARM64 exploitation skills? Check out our free ARM64 challenges: academy.8ksec.io/course/arm-… #Reversing #ReturnOrientedProgramming #CyberSecurity
41
197
8,644
Xappy retweeted
diversenok@diversenok_zero
10 Nov 2025
I wanted to understand what information is available in .pdb files, so I made a tool for it 🔎🪲 Welcome DiaSymbolView - a debug symbol hierarchy and properties viewer based on MSDIA: github.com/diversenok/DiaSym…
A screenshot of DiaSymbolView inspecting combase.pdb

ALT A screenshot of DiaSymbolView inspecting combase.pdb

3
57
187
15,161
Xappy retweeted
exploits.club
@exploitsclub
24 Oct 2025
h0mbre@h0mbre_
24 Oct 2025
seeing chatter about the WhatsApp 0c at p2o, what happened?
2
3
38
6,984
Xappy@theXappy
24 Oct 2025
Hoping for a WhatsApp 0-click RCE so I can retract its demo myself 🤞
faulty *ptrrr
@0x_shaq
24 Oct 2025
if you retweet this you'll find a zero day in 24 hours (trust me this spell works)
1
3
572
Xappy retweeted
Binary Golf Association@binarygolf
18 Oct 2025
Binary Golf Grand Prix 6 begins now! #BGGP6 theme: "Recycle"
BGGP6 flyer, a collage featuring old media formats arranged over a backdrop of a golf course

ALT BGGP6 flyer, a collage featuring old media formats arranged over a backdrop of a golf course

4
25
59
28,136
Xappy retweeted
_leon_jacobs(💥)@leonjza
10 Sep 2025
I've been hacking on a new Windows Named Pipe tool called PipeTap which helps analyse named pipe communications. Born out of necessity while doing some vulnerability research on a target, its been super useful in reversing it's fairly complex protocol. :)
The proxy view for PipeTap, a Windows Named Pipe Analysis Tool

ALT The proxy view for PipeTap, a Windows Named Pipe Analysis Tool

18
145
1,005
71,646
Xappy retweeted
arXiv Daily
@Arxiv_Daily
4 Aug 2025
Replying to @Ph1gur3
We have a chat service that works over DNS so you can LLM on a flight without paying " dig @ch.at "what is golang" TXT short"
53
181
4,511
805,958
Xappy@theXappy
28 Jun 2025
PoC video I submitted to Samsung like 2 years ago for CVE-2023-21444 Targeting the Samsung Flow app. Assumed victim and I share a WiFi network, I could steal the 2FA password reset link for Instagram (or any other SMS) sent to their mobile.
1:23
1
1
4
1,145
Xappy@theXappy
28 Jun 2025
The bug was misusage of AES in CTR mode, allowing an attacker with only MotS access to partially decrypt the app's traffic. Developing the whole exploit (discovering enough data from the 'key stream' to fetch the SMS's content) was challenging but super fun.
1
1
79
Xappy@theXappy
28 Jun 2025
* Samsung Flow is not pre-installed on Samsung devices, so the userbase was relatively small. (definitely NOT 'everyone with a Samsung device') ** Obviously, already patched by Samsung.
1
1
79
Xappy@theXappy
21 Jun 2025
Vessel.exe
78
Xappy@theXappy
2 May 2025
Ever wondered what your modem really says to your SIM card? I sniffed raw APDU traffic off the SIM pins, decoded the UART based on the ATR, and piped it into Wireshark. Full guide: how to wire it, decode it, and see the bytes for yourself. 🔎💥📶 github.com/theXappy/trace_si…
Pinout of a nano sim card.

ALT Pinout of a nano sim card.

A Logical Analyzer connected, via IC clips, to a 3G USB modem stick.

ALT A Logical Analyzer connected, via IC clips, to a 3G USB modem stick.

Screenshot of PulseView with some bytes decoded and compared to the output of pysim-shell.

ALT Screenshot of PulseView with some bytes decoded and compared to the output of pysim-shell.

Screenshot if Wireshark showing a "gsm sim" packet sent between a modem and a sim card.

ALT Screenshot if Wireshark showing a "gsm sim" packet sent between a modem and a sim card.
3
75
Load more