home.social

#nday — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #nday, aggregated by home.social.

  1. Alexandre Borges @[email protected] ·

    I am excited to release the extended version of the sixth article in the Exploiting Reversing Series (ERS). Titled "A Deep Dive Into Exploiting a Minifilter Driver (N-day)" this 293-page deep dive offers a comprehensive roadmap for vulnerability exploitation:

    exploitreversing.com/2026/02/1

    Key updates in this extended edition:

    [+] Dual Exploit Strategies: Two distinct exploit versions.
    [+] Exploit ALPC Write Primitive Edition: elevation of privilege of a regular user to SYSTEM.
    [+] Exploit Parent Process ID Spoofing Edition: elevation of privilege of an administrator to SYSTEM.
    [+] Solid Reliability: A completely stable and working ALPC write primitive.
    [+] Optimized Exploit Logic: Significant refinements to the codebase and technical execution for better stability and predictability.

    For those who have read the original release, whose exploit was working, my strong recommendation is that you adopt this extended edition as definitive.

    The article guides you through the entire lifecycle of an exploit: from initial reverse engineering and vulnerability analysis to multiple PoC developments and full exploitation.

    I hope this serves as a definitive resource for your research. If you find it helpful, please feel free to share it or reach out with your feedback!

    Enjoy your reading and have a great day.

    #exploit #cve #nday #cybersecurity #informationsecurity #infosec #vulnerability

    #exploit #cve #nday #cybersecurity #informationsecurity #infosec
  2. Alexandre Borges @[email protected] ·

    I am pleased to announce the publication of the sixth article in the Exploiting Reversing Series (ERS). Titled "A Deep Dive Into Exploiting a Minifilter Driver (N-day)", this 251-page article provides a comprehensive look at a past vulnerability in a mini-filter driver:

    exploitreversing.com/2026/02/1

    It guides readers through the entire investigation process—beginning with binary diffing and moving through reverse engineering, deep analysis and proof-of-concept stages into full exploit development.

    I would like to thank Ilfak Guilfanov (@ilfak on X) and Hex-Rays SA (@HexRaysSA on X) for their constant and uninterrupted support, which has helped me write these articles over time. 

    I hope this serves as a valuable resource for your research. If you enjoy the content, please feel free to share it or reach out with feedback.

    Have an excellent day!

    #exploit #exploitation #vulnerability #nday #reverseengineering #windows

    #exploit #exploitation #vulnerability #nday #reverseengineering #windows
  3. Alexandre Borges @[email protected] ·

    How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends:

    cloud.google.com/blog/topics/t

    #exploit #exploitation #zeroday #informationsecurity #cybersecurity #vulnerability #nday

    #exploit #exploitation #zeroday #informationsecurity #cybersecurity #vulnerability
  4. raptor @[email protected] ·

    Very well written #Windows #patchdiffing and #nday #exploitation walkthrough ✊

    Dissecting and Exploiting TCP/IP RCE #Vulnerability EvilESP (CVE-2022-34718)

    // by @chompie1337

    securityintelligence.com/posts

    #windows #patchdiffing #nday #exploitation #vulnerability
  5. @infosec_jcp 🐈🃏 done differently @[email protected] ·

    m.slashdot.org/story/407806 👀☣️👀☣️👀 #ZeroDay #NDay #malware #exploits #Chrome #Mozilla #WindowsDefender

    #zeroday #nday #malware #exploits #chrome #mozilla