Instance Logo

threatactor.club

joernchen :cute_dumpster_fire: @joern
Jan 24, 18:45

Sometimes you just need to look at the right spot and have a good guts feeling to find vulns.

https://about.gitlab.com/blog/2023/01/24/git-security-audit/

Jan 24, 2023, 18:45
2
18
21
View toot
lit @ll1t@mastodon.social
Jan 26, 05:51

@joern @thorkson sometimes you only have to spend a decade or two to develop a good guts feeling to find vulns. :) Cool finding and nice writeup!

Jan 26, 2023, 05:51
1
0
1
View toot
Thorkson Ericsson :donor: @thorkson@infosec.exchange
Jan 26, 07:31

@ll1t
@joern I am still waiting for the "guts feeling" ISO norm or "vuln research with guts - for dummies" ;-)

Jan 26, 2023, 07:31
2
0
1
View toot
joernchen :cute_dumpster_fire: @joern
Jan 26, 08:20

@ll1t @thorkson well I kinda did a training on that a while back

https://code-audit-training.gitlab.io/

Jan 26, 2023, 08:20
0
0
1
View toot
lit @ll1t@mastodon.social
Jan 26, 07:36

@thorkson @joern still have to see the book, but pretty confident the norms must be out there. Should be ISO 31337 for vuln research via code auditing and ISO 73313 for vuln research using reverse engineering, respectively. ;P

Jan 26, 2023, 07:36
0
0
1
View toot
Bas Alberts :emacs: @anticomputer@emacs.ch
Jan 24, 21:15

@joern nice finds!

Jan 24, 2023, 21:15
0
0
0
View toot