31/07/2025
MaterialX and OpenEXR Security Audit
MaterialX And OpenEXR Security Audits, sponsored by the ASWF (Academy Software Foundation), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
Min
By thezero
22/05/2024
Boost Security Audit, sponsored by Amazon Web Services (AWS), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
Min
18/04/2024
Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers
A writeup about two intent-based Android vulnerabilities CVE-2024-26131 and CVE-2024-26132 in Element (Matrix).
Min
30/01/2024
Hunting for Unauthenticated n-days in Asus Routers
Notes on patch diffing, reverse engineering and exploiting CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240.
Min
05/09/2022
How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale
Learn how to decrypt Manage Engine Password Manager Pro (PMP) passwords after exploiting CVE-2022-35405.
Min
By thezero
16/05/2022
Printing Fake Fiscal Receipts - An Italian Job p.2
Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.
Min
By thezero
19/04/2022
Printing Fake Fiscal Receipts - An Italian Job p.1
Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.
Min
By thezero
05/04/2022
A Sneak Peek into Smart Contracts Reversing and Emulation
Introduction to web3 security, Smart Contract Reversing (bytecode and decompiled code level) and EVM emulation with Qiling.
Min
21/03/2022
Reversing embedded device bootloader (U-Boot) - p.2
In the course of these two articles, we will share an analysis of some aspects of reversing a low-level binary.
Min
08/03/2022
Reversing embedded device bootloader (U-Boot) - p.1
In the course of these two articles, we will share an analysis of some aspects of reversing a low-level binary.
Min