Still relying on outdated security tools?

👎 No binary scanning
🕳️ Incomplete #SBOMs
📉 Missed vulnerabilities

Here are 6 signs it's time to upgrade & what to look for 👉 https://finitestate.io/blog/when-to-upgrade-product-security-tools

#ProductSecurity #IoTSecurity #SBOM #BinaryAnalysis #DevSecOps #SCA #SAST

5 Signs Your Product Security Program Has Outgrown Its Current Tools

Your product security stack shouldn’t hold you back. Here are 5 signs it's time to scale beyond homegrown tools and manual SBOMs.

Why do so many vulnerabilities slip past traditional scanning tools?

In our latest blog, we explore the blind spots in traditional SCA/SAST & how Finite State helps teams uncover what others miss 👉 https://t.co/R9giOUBz2E

#IoTSecurity #ProductSecurity #BinaryAnalysis #SCA #SAST

Risks of Incomplete Security Scanning Across IoT Product Lifecycles

Incomplete scan coverage leaves critical IoT vulnerabilities hidden. Learn how to close DevSecOps gaps and meet global security regulations.

Legacy security testing leaves mobile apps vulnerable to third-party risks. Without deeper binary analysis, attackers can exploit blind spots in the software supply chain. https://jpmellojr.blogspot.com/2025/05/mobile-and-third-party-risk-how-legacy.html #AppSec #MobileSecurity #BinaryAnalysis #SecurityTesting

Mobile and third-party risk: How legacy testing leaves you exposed

Risks to software supply chains from mobile applications are increasing, largely due to a lack of deep visibility into the software's codeb...

New Open-Source Tool Spotlight 🚨🚨🚨

angr is a Python-based framework for binary analysis, spanning capabilities like symbolic execution, control-flow analysis, and decompilation. Ideal for CTF challenges and reverse engineering tasks. #binaryanalysis #reverseengineering

🔗 Project link on #GitHub 👉 https://github.com/angr/angr

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

GitHub - angr/angr: A powerful and user-friendly binary analysis platform!

Changes to the CVE program signal a critical moment for AppSec strategies. It's time to modernize your approach to risk management. https://jpmellojr.blogspot.com/2025/04/changes-to-cve-program-are-call-to.html #CVE #NVD #AppSec #BinaryAnalysis #RiskManagement #SoftwareSecurity

Changes to CVE program are a call to action on your AppSec strategy

For the countless organizations that have relied on CVEs and the National Vulnerability Database to support vulnerability management and c...

Set sail into the rocky seas of compiler optimizations! Zion Basque (@mahaloz) explores how optimizations wreak havoc on decompilers and how to reverse them. Learn about the new angr decompiler & innovations to tackle ugly decompilations at RE//verse 2025! https://re-verse.sessionize.com/session/776160 #REverse2025 #BinaryAnalysis #Decompilers

Buccaneers of the Binary: Plundering Compiler Optimizations for Decompilation Treasure

From fixing a smart oven to exploiting a pesky drone, reverse engineers have long understood that the world is run by binaries. As such, decompilers, which turn binaries into source-like code, have become a cornerstone tool of the reversing community. Decompilers like IDA Pro, Ghidra, and Binja are hailed as our saviors from the verbose land of assembly. Despite the accolades we bestow upon our favorite decompilers, we've all encountered the frustration of lousy decompilation. We've wrestled with a series of broken if-statements that stubbornly refuse to become a Switch. We've navigated through a maze of gotos that create an unnecessary spaghetti of code. And we've scratched our heads at code that just seems off—maybe duplicated? Maybe it is non-existent in the source? Regardless, something is wrong.

So what do all these problems have in common? Surprisingly, they aren't just buggy decompilers. They are fundamental flaws in the way we deal with compiler optimizations. Interestingly, not all compiler optimizations are equally destructive, and many can be reversed!

In our USENIX 2024 work, SAILR [1], we not only measured the destructiveness of each compiler optimization but also pioneered techniques to reverse their effects. These cutting-edge algorithms are now implemented in the new angr decompiler, an open-source decompiler made by the hackademics of Shellphish.

In this talk, we will take a deep dive into the rocky seas that are compiler optimizations. We will explore the worst optimizations for your decompiler, with examples, and how you might reverse them, with demos. Finally, we'll talk about what we learned in the process and how we think compiler optimizations will play a future role in decompilers.

[1]: Basque, Zion Leonahenahe, et al. "Ahoy SAILR! There is no need to DREAM of C: A compiler-aware structuring algorithm for binary decompilation." 33rd USENIX Security Symposium (USENIX Security 24). 2024.

HEX.DANCE - Client-side binary/file analysis, hex dump viewer & editor.

https://hex.dance

#infosec #binaryanalysis


Want to learn more about ELF files? 🧝‍♂️

My new blog post "Wherein We Look At An ELF".

In this post we will explore:

🖥️ The anatomy of ELF files—what makes them tick
🔍 Relocatable but not yet Executable—more compilation shenanigans
🧩 To Strip or not to Strip—is that the question?
🔐 Some ELF tools—readelf, objdump, gdb, ...

https://dreaming-of-dragons.blogspot.com/2024/12/wherein-we-look-at-elf-executable-and.html

#ReverseEngineering #BinaryAnalysis #MalwareAnalysis #Cybersecurity #Programming #Debugging #InfoSec #CProgramming #GDB #objdump #Assembly

Wherein We Look At An ELF: Executable and Linkable Format


❄️Ready for the Advent of Radare? ❄️
--> https://radare.org/advent #aor24
Starting tomorrow, December 1st we will release every day a new article with general knowledge, tricks, scripts and challenges to solve with radare2 covering topics from #reverseengineering #forensics #firmwareanalysis #debugging #exploiting #binaryanalysis #lowlevel #assembly

Advent Of Radare2

Breaking binaries and learning lessons! 🔓

Join me in: "Wherein I Crack Yet Another Program And Learn Something In The Process: part three (or something)"

👉 Read the full story here: https://dreaming-of-dragons.blogspot.com/2024/11/wherein-i-crack-yet-another-program-and.html

#ReverseEngineering #GDB #BinarySecurity #CyberSecurity #CProgramming #BinaryAnalysis #InfoSec #ASM

Wherein I Crack Yet Another Program And Learn Something In the Process: part three (or something)
