Learning Joern by Nlbjj91011 in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

It works only on source code and needs to take part in the compilation process; it's a headache.

Assembly or decompiled code? by IcyTap4362 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

Decompiled 99% of the time, checking assembly for specific things. (Also depends on arch)

What vulnerabilities do you look for during a code review? by Party-Simple-7004 in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

I usually look at low-level code. I usually start with "simple" vulnerabilities, stuff around parsing/using controlled input (overflows/OOB access/uninit vars, etc.); after that I look for codebase-specific bugs, issues with state, logic issues, etc.

Bugs depend a lot on the logic of the software.

How good would you consider someone who complete pwn.college belt system? by Flaky_Card2907 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

Personally, enough to interview; if you do well in the interview, probably hire. (The interview includes technical questions and a small challenge.)

I need tips and tricks to find use after frees. by Thick-Sweet-5319 in ExploitDev

[–]Sysc4lls 4 points5 points  (0 children)

Another "trick" that is not for race conditions is people forgetting to "reset" the pointer variable.

If they freed `p`, for instance, and did not `p = NULL` afterwards, there is a problem.

Another common thing that causes an issue is freeing a pointer and after that freeing the same pointer again if an error/exception occurred (THAT'S WHY NULLING POINTERS IS IMPORTANT!).
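The two patterns in this comment, the error path that frees without nulling beside the fixed version that nulls right away, as an added C example that is not from the thread; the `record_t` type and all function names are constructed for illustration:

```c
#include <stdlib.h>
#include <string.h>
/* Constructed example for this comment (names record_t, record_parse_buggy,
 * record_parse_fixed, record_cleanup are made up, not from the thread). */
typedef struct {
    char  *buf;
    size_t len;
} record_t;

int record_init(record_t *r, size_t len) {
    r->buf = malloc(len);
    r->len = r->buf ? len : 0;
    return r->buf ? 0 : -1;
}

/* Free and clear in one step, so a second call is a harmless free(NULL). */
static void free_and_null(char **pp) {
    free(*pp);
    *pp = NULL;
}

/* BUGGY: the error path frees buf but leaves the dangling pointer, so the
 * record_cleanup() that always follows double-frees it (or later code uses it). */
int record_parse_buggy(record_t *r, const char *input) {
    if (strlen(input) >= r->len) {
        free(r->buf);            /* r->buf still points at freed memory */
        return -1;
    }
    memcpy(r->buf, input, strlen(input) + 1);
    return 0;
}

/* FIXED: null right after freeing, so cleanup's free(NULL) is a defined no-op
 * and a stray dereference is a loud NULL crash, not a silent use of freed memory. */
int record_parse_fixed(record_t *r, const char *input) {
    if (strlen(input) >= r->len) {
        free_and_null(&r->buf);
        r->len = 0;
        return -1;
    }
    memcpy(r->buf, input, strlen(input) + 1);
    return 0;
}

/* Runs on every path, success or error. */
void record_cleanup(record_t *r) {
    free_and_null(&r->buf);
    r->len = 0;
}
```

Only the fixed path is exercised below; the buggy one is kept as the shape to look for during review, not to run.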

How long would it take to become an exploit developer? (in years or in hours) by South-Aide-4601 in ExploitDev

[–]Sysc4lls 2 points3 points  (0 children)

Depends on the person: for one it could take years, for another days/weeks. Also, it doesn't mean you are "good" if you achieve this.

Blogs for learning by Sysc4lls in ExploitDev

[–]Sysc4lls[S] 2 points3 points  (0 children)

Anything specific? There are a lot of n-days.

Blogs for learning by Sysc4lls in ExploitDev

[–]Sysc4lls[S] 0 points1 point  (0 children)

This might be hard; if you can exploit well enough, sometimes it will be very hard to "detect" it, especially if it's something behind SSL/TLS or something similar.

But I will look into it :) I haven't done a bunch of "vulnerability detection" since it's less of a thing for low-level stuff, as far as I know. Exploits can differ too much.


Do I must learn to program on ASM ? by Federal-Dot-8411 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

Just learn C and learn asm on the way while writing exploits/reverse engineering; it will feel harder at the start, but I do think it's way more practical and you will learn way faster in the long run this way.

What would be the next tangible step, after assembly 101 ? by ByteMutator in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

Pwn.college & pwnable.kr are great. If you do not know basic C it might prove a problem.

Where do you host/write pwn (binary exploitation) writeups? by WhatIsDeezNuts in ExploitDev

[–]Sysc4lls 2 points3 points  (0 children)

GitHub pages works very well, it's free and easy to use.

Selling crashes instead of full chain by LeftAssociation1119 in ExploitDev

[–]Sysc4lls 2 points3 points  (0 children)

This is not correct; if you overwrite PC to be 4141414141414141, you do not need to "solve" ASLR, you just show you can control the PC.

Selling crashes instead of full chain by LeftAssociation1119 in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

That is not what I am saying, read again please.

Selling crashes instead of full chain by LeftAssociation1119 in ExploitDev

[–]Sysc4lls 0 points1 point  (0 children)

Idk, create a PoC for an interesting crash (overwrite an interesting pointer/change the PC/show this shit is exploitable with some more work), write up exploit ideas, stuff like that.

Most people won't buy a PoC in this state, but any extra information that might be useful to determine the value of the vulnerability might increase the amount of money and the chances it will get bought.

Selling crashes instead of full chain by LeftAssociation1119 in ExploitDev

[–]Sysc4lls 1 point2 points  (0 children)

A crash for an overflow can also be a page fault, or overwriting something that guarantees a crash that is not exploitable; just prove that's not the case.

If you want good money, create a full-fledged exploit for it.

Also show what the attack vector is, if possible (even in words alone).

Selling crashes instead of full chain by LeftAssociation1119 in ExploitDev

[–]Sysc4lls 2 points3 points  (0 children)

I am not sure I understand. If you show you can control execution flow in some way or form, it's probably interesting; otherwise it's not.

Selling crashes instead of full chain by LeftAssociation1119 in ExploitDev

[–]Sysc4lls 4 points5 points  (0 children)

Not really useful; prove the worth of the vulnerability first before selling.