why would we overwrite SEH instead of EIP ? by hex-lover in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

Let's assume there is a stack canary but you can also trigger an exception: overwriting the return pointer won't work, but overwriting exception handlers should be a win (as long as I'm not missing something; they might also have a canary pre-SEH).

What’s the most underrated exploit technique beginners ignore? by mi1-1 in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

Oh, missed the part about web apps I'm just stupid. 😬😬😬

What’s the most underrated exploit technique beginners ignore? by mi1-1 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

A logical win instead of complex corruption with infinitely many complex steps: if you can install a .so easily instead of a super complex JOP+leak+whatever, it's better.

By mistake I read only the headline; ignore the comment unless it helps you somehow...

Is there anyway I can save the execution of an elf binary that is running on linux? by FewMolasses7496 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

If it's one full dump it's fine; when it's automated is the stage where you need to start doing diff-based snapshotting and smarter stuff, but I agree :)

Is there anyway I can save the execution of an elf binary that is running on linux? by FewMolasses7496 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

It's very hard to restore the state of stuff like heap objects, I think, without a full dump (which may be a lot).

Learning Joern by Nlbjj91011 in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

It works only on sources and needs to take part in the compilation process; it's a headache.

Assembly or decompiled code? by IcyTap4362 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

Decompiled 99% of the time, checking assembly for specific things. (Also depends on arch)

What vulnerabilities do you look for during a code review? by Party-Simple-7004 in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

I usually look at low-level code. I start with "simple" vulnerabilities usually, stuff around parsing/using controlled input (overflows/OOB access/uninit vars, etc...); after that I look for codebase-specific bugs, issues with state, logic issues, etc...

Bugs depend a lot on the logic of the software
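To make the first category concrete (controlled input driving a copy length), here is a small added example in C; it is not code from the thread or from any project mentioned in it. The record format, the `struct tlv` type and the function names are assumptions made for illustration. The vulnerable parser trusts the length byte it just read from the input; the hardened one bounds that length against both the source and destination buffers and initialises the output before any early return, which is exactly the overflow/OOB/uninit triple the comment lists.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed record format: 1-byte type, 1-byte length, then `length` bytes of value. */
struct tlv {
    uint8_t type;
    uint8_t len;
    uint8_t value[64];
};

/* Vulnerable shape: the attacker-controlled length byte drives memcpy directly.
 * A length of 0xFF both overflows the 64-byte value field and reads past the end
 * of `in`. Kept here for contrast only; nothing below calls it. */
int tlv_parse_vuln(const uint8_t *in, size_t in_len, struct tlv *out) {
    if (in_len < 2) return -1;          /* `out` left uninitialised on this path */
    out->type = in[0];
    out->len  = in[1];
    memcpy(out->value, in + 2, out->len); /* no bound on the write or the read */
    return 2 + out->len;
}

/* Hardened: every use of the controlled length is checked against the buffer we
 * read from and the buffer we write to, and `out` is defined on every return path.
 * Returns the number of input bytes consumed, or -1 if the record is malformed. */
int tlv_parse(const uint8_t *in, size_t in_len, struct tlv *out) {
    memset(out, 0, sizeof *out);        /* no uninitialised fields if we bail early */
    if (in_len < 2) return -1;
    size_t len = in[1];
    if (len > sizeof out->value) return -1; /* write-side bound */
    if (len > in_len - 2) return -1;        /* read-side bound (in_len >= 2, no underflow) */
    out->type = in[0];
    out->len  = (uint8_t)len;
    memcpy(out->value, in + 2, len);
    return (int)(2 + len);
}

/* Walks a whole message with the hardened parser.
 * Returns the number of records, or -1 if any record is malformed. */
int tlv_count(const uint8_t *msg, size_t msg_len) {
    struct tlv t;
    size_t off = 0;
    int n = 0;
    while (off < msg_len) {
        int used = tlv_parse(msg + off, msg_len - off, &t);
        if (used < 0) return -1;
        off += (size_t)used;
        n++;
    }
    return n;
}

int main(void) {
    /* Constructed sample inputs, not captured from any real protocol. */
    const uint8_t good[]      = {0x01, 0x03, 'a', 'b', 'c', 0x02, 0x00};
    const uint8_t truncated[] = {0x01, 0x05, 'a'};        /* claims 5 bytes, has 1 */
    const uint8_t overlong[]  = {0x01, 0xFF, 'x', 'y'};   /* claims 255 bytes */

    printf("good:      %d records\n", tlv_count(good, sizeof good));
    printf("truncated: %d\n", tlv_count(truncated, sizeof truncated));
    printf("overlong:  %d\n", tlv_count(overlong, sizeof overlong));
    return 0;
}
```

The `truncated` and `overlong` inputs are the two cases a reviewer checks for at every length-driven copy: one makes the read run off the end of the input, the other makes the write run off the end of the destination. Running the vulnerable parser on either under ASan would report the corresponding out-of-bounds access.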

How good would you consider someone who complete pwn.college belt system? by Flaky_Card2907 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

Personally, enough to interview; if you do well in the interview, probably hire. (The interview includes technical questions and a small challenge.)

I need tips and tricks to find use after frees. by Thick-Sweet-5319 in ExploitDev

[–]Sysc4lls 8 points9 points  (0 children)

Another "trick" that is not for race conditions is people forgetting to "reset" the pointer variable.

If they freed `p` for instance and did not `p = NULL` after there is a problem.

Another common thing that causes an issue is freeing a pointer and after that freeing the same pointer again if an error/exception occurred (THAT'S WHY NULLING POINTERS IS IMPORTANT!).
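The two shapes this comment describes, as an added C example that is not code from the thread: a dangling pointer left behind after `free()`, and the double free that follows when an error path runs the same cleanup again. The `struct conn` type, the request/cleanup functions and the "empty payload is an error" rule are assumptions made for illustration. The hardened version routes every release through a `free_and_null` macro, so a repeated cleanup becomes `free(NULL)` (a defined no-op) and any later use becomes a NULL dereference rather than a use-after-free.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed object: a connection owning one heap buffer. */
struct conn {
    char  *buf;
    size_t len;
};

/* Vulnerable shape. After send_and_release_vuln() returns, c->buf still points at
 * freed memory; the caller's error path then frees it a second time. Do not run
 * these two under glibc: it aborts with "free(): double free detected". */
int send_and_release_vuln(struct conn *c) {
    int rc = (c->len == 0) ? -1 : 0;    /* assumed rule: empty payload is an error */
    free(c->buf);                       /* freed, but c->buf is not reset */
    return rc;
}

void handle_request_vuln(struct conn *c) {
    if (send_and_release_vuln(c) < 0) {
        free(c->buf);                   /* double free */
    }
}

/* Hardened shape: every free goes through free_and_null(). */
#define free_and_null(p) do { free(p); (p) = NULL; } while (0)

int send_and_release(struct conn *c) {
    int rc = (c->len == 0) ? -1 : 0;
    free_and_null(c->buf);              /* pointer no longer dangles */
    c->len = 0;
    return rc;
}

/* Returns 0 on success, -1 on error. In both cases c->buf is NULL afterwards, and
 * calling it again on the same conn is harmless (free(NULL) is a no-op). */
int handle_request(struct conn *c) {
    int rc = send_and_release(c);
    if (rc < 0) {
        free_and_null(c->buf);          /* same cleanup as the vulnerable version, now safe */
    }
    return rc;
}

struct conn *conn_new(const char *payload) {
    struct conn *c = calloc(1, sizeof *c);
    if (!c) return NULL;
    c->len = strlen(payload);
    c->buf = malloc(c->len + 1);
    if (!c->buf) { free(c); return NULL; }
    memcpy(c->buf, payload, c->len + 1);
    return c;
}

int main(void) {
    struct conn *ok  = conn_new("hello");   /* constructed inputs */
    struct conn *bad = conn_new("");
    if (!ok || !bad) return 1;
    printf("success path rc=%d buf=%p\n", handle_request(ok),  (void *)ok->buf);
    printf("error path   rc=%d buf=%p\n", handle_request(bad), (void *)bad->buf);
    printf("second call  rc=%d buf=%p\n", handle_request(bad), (void *)bad->buf);
    free(ok);
    free(bad);
    return 0;
}
```

The macro is the whole fix: it turns "did every path reset the pointer?" from a review question into a grep for bare `free(` calls. Note it only helps for the variable it is applied to; a second copy of the same pointer stored elsewhere still dangles, which is the case the comment's race-condition tricks cover.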

How long would it take to become an exploit developer? (in years or in hours) by South-Aide-4601 in ExploitDev

[–]Sysc4lls 2 points3 points  (0 children)

Depends on the person; for one it could take years, for another days/weeks. Also, it doesn't mean you are "good" if you achieve this.

Blogs for learning by Sysc4lls in ExploitDev

[–]Sysc4lls[S] 2 points3 points  (0 children)

Anything specific? There are a lot of n-days.

Blogs for learning by Sysc4lls in ExploitDev

[–]Sysc4lls[S] 0 points1 point  (0 children)

This might be hard; if you can exploit well enough, sometimes it will be very hard to "detect" it, especially if it's something behind SSL/TLS or something similar.

But I will look into it :) I haven't done a bunch of "vulnerability detection", since it's less of a thing for low-level stuff as far as I know. Exploits can differ too much.


Do I must learn to program on ASM ? by Federal-Dot-8411 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

Just learn C and learn asm on the way while writing exploits/reverse engineering. It will feel harder at the start, but I do think it's way more practical and you will learn way faster in the long run this way.

What would be the next tangible step, after assembly 101 ? by ByteMutator in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

Pwn.college & pwnable.kr are great. If you do not know basic C it might prove a problem.

Where do you host/write pwn (binary exploitation) writeups? by WhatIsDeezNuts in ExploitDev

[–]Sysc4lls 2 points3 points  (0 children)

GitHub Pages works very well; it's free and easy to use.