PeAR: A Static Binary Rewriting Framework for Binary-Only Fuzzing

Binary-only fuzzing is a key technique for finding bugs in close-source software. Without access to source code, the fuzzer must rely on static or dynamic binary instrumentation for coverage guidance. In practice, most fuzzers favor dynamic binary instrumentation DBI, accepting runtime overhead t...

Exploit for CVE-2026-31431

CopyFail Go Most Linux LPEs need a race window or a kernel-...

[SECURITY] Fedora 43 Update: uv-0.9.7-2.fc43

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

[SECURITY] Fedora 41 Update: uv-0.8.11-4.fc41

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

[SECURITY] Fedora 43 Update: uv-0.8.11-4.fc43

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

[SECURITY] Fedora 41 Update: uv-0.8.11-2.fc41

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

[SECURITY] Fedora 42 Update: uv-0.8.8-1.fc42

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

Evaluating Disassembly Errors with Only Binaries

Disassemblers are crucial in the analysis and modification of binaries. Existing works showing disassembler errors largely rely on practical implementation without specific guarantees and assume source code and compiler toolchains to evaluate ground truth. However, the assumption of source code i...

[SECURITY] Fedora 40 Update: uv-0.6.14-3.fc40

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

[SECURITY] Fedora 36 Update: micro-2.0.8-6.fc36

Micro is a terminal-based text editor that aims to be easy to use and intuitive, while also taking advantage of the full capabilities of modern terminals. It comes as one single, batteries-included, static binary with no dependencies, and you can download and use it right now. As the name...

Fennec - Artifact Collection Tool For *Nix Systems

fennec is an artifact collection tool written in Rust to be used during incident response on nix based systems. fennec allows you to write a configuration file that contains how to collect artifacts. Features A single statically compiled binary Execute any osquery SQL query Execute system command...

IDA2Obj - Static Binary Instrumentation

IDA2Obj is a tool to implement SBI StaticBinary Instrumentation. The working flow is simple: Dump object files COFF directly from one executable binary. Link the object files into a new binary, almost the same as the old one. During the dumping process, you can insert any data/code at any locatio...

E9Patch - A Powerful Static Binary Rewriting Tool

E9Patch is a powerful static binary rewriting tool for x8664 Linux ELF binaries. E9Patch is: Scalable : E9Patch can reliably rewrite large/complex binaries including web browsers 100MB in size. Compatible : The rewritten binary is a drop-in replacement of the original, with no additional...

Pharos - Static Binary Analysis Framework

The Pharos static binary analysis framework is a project of the Software Engineering Institute at Carnegie Mellon University. The framework is designed to facilitate the automated analysis of binary programs. It uses the ROSE compiler infrastructure developed by Lawrence Livermore National...

Mobile Bootloaders From Top Manufacturers Found Vulnerable to Persistent Threats

Security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device. A team of nine security researchers from the University of California...

Pharos: A Static Binary Analysis Framework

PenTestIT RSS Feed All of us know what static binary analysis means. It means that the analysis of the binary is performed without actually executing it. Almost two years ago, an open source framework - Pharos, was created by the Carnegie Mellon SEI, CERT Division in collaboration with the Lawren...

ApportAbrt (Ubuntu Fedora) - Local Privilege Escalation

ApportAbrt Ubuntu Fedora - Local Privilege Escalation define GNUSOURCE include include include include include include include include include include include include include include warning this file must be compiled with -static // // Apport/Abrt Vulnerability Demo Exploit. // // Apport:...