18 matches found
Veritas: A Semantically Grounded Agentic Framework for Memory Corruption Vulnerability Detection in Binaries
Detecting memory corruption vulnerabilities in stripped binaries requires recovering object semantics, interprocedural propagation, and feasible triggers from low-level, lossy representations. Recent LLM-based approaches improve code understanding, but reliable detection still requires grounding ...
LLM-and-MCP
Detection and Exploitation of Vulnerabilities in Android Appli...
atool
ATOOL - Android Static Analysis & Exploit Scanner v1.0 !Pyth...
EUVD-2024-52028
Malicious code in bioql PyPI...
CVE-2025-59406
The CVE-2025-59406 entry concerns the Flock Safety Pisco Android app (v6.21.11) installed on Falcon/Sparrow License Plate Readers and Bravo Edge AI Compute Devices. The root cause is a cleartext Auth0 client secret embedded in the client-side codebase, which can be extracted by decompiling or ins...
CVE-2024-53683
A valid set of credentials in a .js file and a static token for communication were obtained from the decompiled IPA. An attacker could use the information to disrupt normal use of the application by changing the translation files and thus weaken the integrity of normal use...
ReCopilot: Reverse Engineering Copilot in Binary Analysis
Binary analysis plays a pivotal role in security domains such as malware detection and vulnerability discovery, yet it remains labor-intensive and heavily reliant on expert knowledge. General-purpose large language models (LLMs) perform well in programming analysis on source code, while...
Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst
Posted by Ivan Fratric, Google Project Zero Recently, one of the projects I was involved in had to do with video decoding on Apple platforms, specifically AV1 decoding. On Apple devices that support AV1 video format starting from Apple A17 iOS / M3 macOS, decoding is done in hardware. However,...
IoC detection experiments with ChatGPT
ChatGPT is a groundbreaking chatbot powered by the neural network-based language model text-davinci-003 and trained on a large dataset of text from the Internet. It is capable of generating human-like text in a wide range of styles and formats. ChatGPT can be fine-tuned for specific tasks, such a...
CVE-2020-35587
In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique...
CVE-2020-35587
Affected product: Solstice Pod firmware. Vulnerability: decompilation/disassembly yields non-obfuscated code in versions prior to 3.0.3; root cause and exact impact of lack of obfuscation are not explicitly quantified in the provided docs. Impact: not clearly stated beyond the presence of non-obf...
lem bracelet health APP has information leakage vulnerability
lem bracelet health APP is a smart bracelet information management APP produced by Shenzhen Lingmeng Technology Co. There is an information leakage vulnerability in lem bracelet health APP, an attacker can decompile the APK file of the APP and utilize the vulnerability to obtain the logic and...
CVE-2018-14581
Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file...
Grundig Smart Inter@ctive 3.0 Insecure Direct Object Reference
Exploit Title: Grundig Smart Remote App CSRF Google Dork: Local Vulnerability Date: 06.07.2018 Exploit Author: Ahmethan GALTEKAdegN @inject0r16 Vendor Homepage: https://www.grundig.com/ Software Link: https://play.google.com/store/apps/details?id=arcelik.android.grundig.remote Version: Grundig...
Instacart: API OAuth Public Key disclosure in mobile app
Our Android/iOS app can be decompiled and the OAuth Public token can be accessed. Contrary to Instacart's summary, the API private key is also leaked, allowing anyone to use Instacart's private API without restriction. Instacart which I have found to be great in general ignored my additional...
CVE-2015-4537
Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive...
[Binrev] Automate Reversing Windows Binaries for Pentesters
What you can do with this? Static analysis: you can do a basic manual code review for decompiled sources to discover hidden communication channels, search for hard-coded passwords, or SQL injection vulnerabilities. Import decompiled projects to an IDE to reconstruct and modify the original source...
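Several of the entries above share one root cause: a credential shipped inside the client (the cleartext Auth0 client secret in CVE-2025-59406, the static token and .js credentials in CVE-2024-53683, the Documentum passphrase in CVE-2015-4537, the Instacart API key) that falls out of a decompiler. The Binrev entry describes the manual version of the check ("search for hard-coded passwords"). The script below automates that first pass over a decompiled tree. It is an added example, not code from any of the listed pages or tools; the keyword list, regexes, entropy threshold, file names and the two sample "decompiled" files it writes are all constructed assumptions for illustration.

```python
"""Scan a tree of decompiled sources for hard-coded credentials.

Added example, not code from any of the listed pages or projects. The
keyword list, regexes, entropy threshold, file names and sample file
contents are assumptions constructed for illustration.
"""
import math
import os
import re
import tempfile
from collections import Counter

# Names that usually hold a credential when a string literal is assigned to them.
CREDENTIAL_WORDS = ("secret", "password", "passwd", "passphrase", "token",
                    "api_key", "apikey", "client_secret", "private_key")

# identifier = "literal" or identifier: "literal" (Java, Kotlin, JS, JSON), literal >= 8 chars
ASSIGN_RE = re.compile(
    r'(?i)\b(?P<name>[A-Za-z_][A-Za-z0-9_]*)\s*[=:]\s*["\'](?P<value>[^"\']{8,})["\']')
# Any quoted literal that looks like a key blob: 32+ base64/hex-ish chars, no spaces or dots.
LITERAL_RE = re.compile(r'["\'](?P<value>[A-Za-z0-9+/=_\-]{32,})["\']')
SOURCE_EXTS = (".java", ".kt", ".js", ".json", ".xml", ".properties", ".smali")


def shannon_entropy(s: str) -> float:
    """Bits per character: prose and identifiers sit around 3-4, random keys approach 5-6."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def scan_text(text: str, path: str, entropy_threshold: float = 4.5) -> list:
    """One finding per suspicious literal: a keyword-named assignment or a high-entropy blob."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        already = set()
        for m in ASSIGN_RE.finditer(line):
            name, value = m.group("name"), m.group("value")
            if any(w in name.lower() for w in CREDENTIAL_WORDS):
                findings.append({"path": path, "line": lineno, "kind": "keyword",
                                 "name": name, "value": value})
                already.add(value)
        for m in LITERAL_RE.finditer(line):
            value = m.group("value")
            # Literals already reported by name are skipped; the rest are judged by entropy only,
            # which catches tokens passed as arguments (no credential-looking variable name).
            if value not in already and shannon_entropy(value) >= entropy_threshold:
                findings.append({"path": path, "line": lineno, "kind": "entropy",
                                 "name": None, "value": value})
    return findings


def scan_tree(root: str) -> list:
    """Walk a decompiled project (e.g. a jadx or .NET Reflector export) and scan source-like files."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for fn in sorted(filenames):
            if fn.endswith(SOURCE_EXTS):
                full = os.path.join(dirpath, fn)
                with open(full, encoding="utf-8", errors="ignore") as fh:
                    findings.extend(scan_text(fh.read(), os.path.relpath(full, root)))
    return findings


def build_sample_tree() -> str:
    """Write a constructed mini 'decompiled app' (assumed content) into a temp dir, return its path."""
    root = tempfile.mkdtemp(prefix="decompiled-")
    pkg = os.path.join(root, "com", "example", "app", "auth")
    os.makedirs(pkg)
    java = '''package com.example.app.auth;

public class AuthConfig {
    // Constructed sample: shaped like decompiler output with embedded credentials
    private static final String CLIENT_ID = "app-client-id";
    private static final String CLIENT_SECRET = "Qx7vL2pN9mK4sT8wR1yH5jB3cF6dZ0aE";
    private static final String DB_PASSWORD = "hunter2hunter2";
    private static final String WELCOME = "Welcome to the app";

    public void attach(Request r) {
        r.setHeader("X-Static-Token", "m3K8pQ2vX9sL4wT7nR1yB5jH6cZ0dFaE");
        r.setHeader("User-Agent", "ExampleApp/6.21");
    }
}
'''
    js = '''// Constructed sample: bundled JS config of the kind found inside an unpacked IPA
module.exports = {
  endpoint: "https://api.example.invalid/v1",
  apiKey: "sk_live_x9Y8z7W6v5U4t3S2r1Q0p",
  locale: "en-US",
};
'''
    with open(os.path.join(pkg, "AuthConfig.java"), "w", encoding="utf-8") as fh:
        fh.write(java)
    with open(os.path.join(root, "config.js"), "w", encoding="utf-8") as fh:
        fh.write(js)
    return root


if __name__ == "__main__":
    for f in scan_tree(build_sample_tree()):
        print(f"{f['path']}:{f['line']} [{f['kind']}] {f['name'] or '-'} = {f['value'][:12]}...")
```

Point `scan_tree()` at the output directory of whatever decompiler produced the sources (jadx for an APK, class-dump or a JS bundle from an unpacked IPA, ILSpy for .NET). The two detectors are deliberately independent: the keyword rule catches low-entropy secrets such as a human-chosen password, and the entropy rule catches a random token that is never assigned to a tellingly named variable. Every hit still needs manual triage (a base64 image or a public key ID will also trip the entropy rule), so treat the output as a worklist, not a verdict.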