TLDR; This post will teach you how to leverage Ghidra’s FlatProgramAPI and Python 3 to generate function call graphs. Ghidra scripting with Python 3, powered by Pyhidra (via Jpype), provides robust...
Ghidra Python Paleontology
TL;DR - This post will walk through the process of creating a Headless Ghidra Python VScode template. This is not recommended as the official language for Ghidra is Java and the supported IDE is Ec...
Introducing CVE North Stars
TL;DR - CVE North Stars is a tutorial that introduces a method to kickstart vulnerability research by treating CVEs as North Stars in vulnerability discovery and comprehension. Background Thi...
From NtObjectManager to PetitPotam
TL;DR - Windows RPC enumeration, discovery, and auditing via NtObjectManager. We will audit the vulnerable RPC interfaces that lead to PetitPotam, discover how they have changed over the past year,...
A Survey of Windows RPC Discovery Tools
TL;DR A survey of Windows Remote Procedure Call discovery tools and an attempt to understand how open source tools discover RPC servers, interfaces, and procedures. Windows RPC has been a black bo...
Mining Google Chrome CVE data
TL;DR - The Google Chrome Releases blog provides CVE data one liners containing all the information needed to create a rich CVE data source. Google Chrome CVEs are plentiful and provide informat...
Introducing CVE Markdown Charts - Part 1
TL;DR - CVE Markdown Charts - Your InfoSec reports will now write themselves… After writing several InfoSec reports and researching CVEs, I discovered a means to create dynamic charts that help ...
These Are Your First Steps
Hello World Saying hello to the world with a first post. I have seen several slick github.io pages leveraging Jekyll to create modern blogs and websites that look great with seemingly little ove...