Huang Le

73 Added | 6 Magazines | 3 Likes | 1 Follower | @4tarhl

A Deep, Deep, Deep, Deep, Deep Dive into the Angular Compiler

As you know, I love Angular, and all the magical things you can do with it, and I thought it would be an interesting challenge to take a peek into …

GrayFish rootkit analysis

Earlier this year, I published research on the rootkit that belongs to the famous state-sponsored cybergroup called "Equation Group". Analyzed rootkit …

Windows Kernel Address Leaks

This repository aims to provide functioning code that demonstrated usage of various different ways to gain access to Kernel Mode pointers in Windows …

Brazil

Profiling the JVM on Linux: A Hybrid Approach

I hope you’re outraged that your performance tools are lying to you. For quite a while, many Java sampling profilers have been known to blatantly …

APIs

A Bug in NTFS, or How to Hang the Entire System

Not long ago, while developing a file system filter, a problem arose that caused the entire system to hang. It would seem that the filter was performing …

Why does the compiler generate memory operations on the full variable even though only one byte is involved?

Some time ago, I was helping out with code generation in a just-in-time compiler, and one thing I noticed was that when the compiler needed to, say, …

Compilers

Hacking Android phone. How deep the rabbit hole goes.

My first Android phone, a Galaxy Note N7000, was bought just after the announcement in October 2011. Thanks to one German guy called bauner, I had an …

Detecting Register

Sometimes old threats continue to remain relevant for a long period of time. The longevity of the x86 CPU architecture means that rootkits leveraging …

Cybersecurity

These are the science concepts you need to know to understand political life in 2017

It’s early days of 2017 still, but already it’s become apparent that this year science will play a larger role in public discourse than it has in the past, at least in the US. The scientific community has found itself at odds with the new White House administration in countless ways, and is gearing …

EPA

Aporeto

Coming out of AWS re:invent this year it is impressive to see the adoption of public cloud across companies in all industries even the most …

Three serious Linux kernel security holes patched

It's time to patch your Linux servers and PCs again. The good news is developers are looking very closely at Linux's core code for possible security …

Exploiting MS16-098 RGNOBJ Integer Overflow on Windows 8.1 x64 bit by abusing GDI objects

Starting from the beginning with no experience whatsoever in kernel land let alone exploiting it, I was always intrigued and fascinated by reverse …

Cybersecurity

Hardening Windows 10 with zero-day exploit mitigations

Cyberattacks involving zero-day exploits happen from time to time, affecting different platforms and applications. Over the years, Microsoft security …

Practical Android Debugging Via KGDB

Kernel debugging gives security researchers a tool to monitor and control a device under analysis. On desktop platforms such as Windows, macOS, and …

Linux

Visualize Stack Traces

🔥single-command flamegraph profiling🔥 Discover the bottlenecks and hot paths in your code, with flamegraphs. 0x can profile and generate an …

JavaScript

The Real Reasons Quantum Entanglement Doesn't Allow Faster-Than-Light Communication

My colleague-in-blogging Ethan Siegel does a regular reader-request feature, and this week’s edition drifts into my territory, answering a question about using quantum entanglement for faster-than-light communication. As I jokingly said on Twitter, Ethan’s answer is pretty good for an astronomer, …

Quantum Mechanics

Inline assembly

Introduction. While reading source code in the Linux kernel, I often see statements like this: Yes, this is inline assembly or in other words assembler …

Linux

23 Majestically Beautiful Pieces Of Science Jewelry

Pretty, subtle, and delightfully weird.

This pill prevents type 1 diabetes from developing in mice

If it works in humans, it could get rid of the need for insulin injections. A pill staved off type 1 diabetes in mice, and it may one day prevent the disease in people, too. The pill blocks the buildup of a specific acid in the pancreas, which then stops the disorder from taking hold, according to …

Diabetes

Snowman

Snowman is a native code to C/C++ decompiler, supporting x86, AMD64, and ARM architectures. You can use it as a standalone GUI application, a …

Snowman

Exploring CVE-2015-1701 — A Win32k Elevation of Privilege Vulnerability Used in Targeted Attacks

Our analysis of the win32k.sys vulnerability used in a recent targeted attack reveals that it opens up an easy way to bypass the sandbox, making it a …

Cybersecurity

UACMe

Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. System Requirements: x86-32/x64 Windows …

Coming soon: How to generate a kernel or a complete memory dump file in Windows Server 2012 and Windows Server 2012 R2

Applies to: Windows Server 2012 R2 Update 1, Windows 8.1 Update 1, Windows Server 2012 R2, Windows 8.1, Windows Server 2012, Windows 8.0. Originally published …

Forensics

Kernel initialization. Part 4.

Kernel entry point. If you have read the previous part - Last preparations before the kernel entry point, you can remember that we finished all …

Paul Allen on Twitter: "40 years ago Microsoft began, what a journey! Here is the title page from Microsoft’s first product BASIC http://t.co/xJyOoSq9V0"

Replying to @PaulGAllen: Not on the picture, under "THINGS TO DO": Security < MT @PaulGAllen: 40 years ago Microsoft began, what a …

Linux kernel memory management Part 1.

Introduction. Memory management is one of the most complex (and I think that it is the most complex) part of the operating system kernel. In the last …

Computer Science from the Bottom Up

This work is licensed under the Creative Commons Attribution-ShareAlike License. To view a copy of this license, visit …

Exploiting CVE-2015-0311, Part II: Bypassing Control Flow Guard on Windows 8.1 Update 3

At the beginning of March we published a blog post analyzing CVE-2015-0311, a Use-After-Free vulnerability in Adobe Flash Player, and we outlined how …

Cybersecurity