C++ Archives

Flowchart of the WasmForge C# build pipeline. C# source from Rubeus, Seatbelt, and SharpDPAPI enters a build-time transformation stage, where csharp_patcher applies source transforms and routes BCL calls to WasmForge helpers, and pinvoke_scanner routes P/Invokes to C bridge sources, with residual stubs left for architectural holes. Output flows through dotnet publish, wasm-component-ld, a .wasm module, and the WasmForge host to a final signed PE.

GhostPack Necromancy: Reforging C# Tools with WasmForge

Michelle Rhodes | June 18, 2026 | C++, EDR evasion, GhostPack, NativeAOT, Offensive Security, Red Teaming, Rubeus, Seatbelt, Tools & Techniques, Vulnerability Research, WasmForge, WebAssembly

In the previous post we walked through WasmForge, our Go-to-WebAssembly loader that takes existing signatured Go tools and ships them as opsec-safe binaries. This approach doesn’t just apply to Go, however, as ...

Offensive Security Blog: Latest Trends in Hacking | Praetorian

Depth of Analysis is the Key to Unlocking the value of SAST

Mark Hermeling | July 6, 2023 | C++, CodeSonar, GrammaTalk, SAST

The post Depth of Analysis is the Key to Unlocking the value of SAST appeared first on Grammatech ...

GrammaTalk | Grammatech

Depth of Analysis is the Key to Unlocking the value of SAST

Mark Hermeling | July 6, 2023 | C++, CodeSonar, GrammaTalk, SAST

The post Depth of Analysis is the Key to Unlocking the value of SAST appeared first on Grammatech ...

GrammaTalk | Grammatech

Depth of Analysis is the Key to Unlocking the value of SAST

Mark Hermeling | July 6, 2023 | C++, CodeSonar, SAST, TalkSecure

The post Depth of Analysis is the Key to Unlocking the value of SAST appeared first on CodeSecure ...

TalkSecure | CodeSecure

Fast and accurate syntax searching for C and C++

Trail of Bits | December 22, 2022 | C++, Clang, Compilers

By Mate Kukri The naive approach to searching for patterns in source code is to use regular expressions; a better way is to parse the code with a custom parser, but both ...

Trail of Bits Blog

A WeatherFlow Tempest UDP Broadcast Receiver in Golang, Rust, Swift, and C++

hrbrmstr | January 28, 2022 | C++, Go, golang, rust, SWIFT

After a Twitter convo about weather stations I picked up a WeatherFlow Tempest. Setup was quick, but the sensor package died within 24 hours. I was going to give up on it ...

rud.is

Adventures in Contacting the Russian FSB

BrianKrebs | June 7, 2021 | A Little Sunshine, BadB, C++, CryptoPro, FBI, Federal Security Service, FSB, GOST, Lance James, Treasury Department, Unit221B, VirusTotal, Vladislav Horohorin, Yandex

KrebsOnSecurity recently had occasion to contact the Russian Federal Security Service (FSB), the Russian equivalent of the U.S. Federal Bureau of Investigation (FBI). In the process of doing so, I encountered a ...

Krebs on Security

Linux X86 Assembly – How to Build a Hello World Program in NASM

Travis Phillips | May 4, 2021 | analysis, Application Security, architecture, ASM, C++, cpu, exit, Hello World, int, Linux, mov, NASM, payload, Penetration Testing, Professionally Evil, programming, Registers, Reverse Engineering, Secure Ideas, shellcode, syscalls, write, x86

Overview A processor understands bytecode instructions specific to that architecture. We as humans use mnemonics to make building these instructions easier than remembering a bunch of binary codes. These mnemonics are known ...

Professionally Evil Insights

LD_PRELOAD: How to Run Code at Load Time

Travis Phillips | February 24, 2021 | analysis, attribute, C++, constructor, debugging, destructor, ELF, gcc, gnu, inject, injection, LD_PRELOAD, Linux, make, Penetration Testing, proc, Professionally Evil, programming, Reverse Engineering, Secure Ideas, self-, Shared Objects, training

Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to inject a shared object binary into a process, and use that to hijack a library ...

Professionally Evil Insights

Not-So-Random: Using LD_PRELOAD to Hijack the rand() Function

Travis Phillips | October 29, 2020 | C++, Hijack, ld, LD_PRELOAD, libc, Linux, Penetration Testing, Professionally Evil, programming, Reverse Engineering, Shared Objects

Today I wanted to continue the series on using LD_PRELOAD. In today’s post we are going to use LD_PRELOAD to hijack the rand() function in a simple random number guessing game to ...

Professionally Evil Insights

C++

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On