@addison right. Mitigations can totally be tested against a theoretical self-inflicted vuln in test environments. Not really needed IRL. Mozilla does that for Sanitizer/CSP bypass bugs and just assumes there’s untrusted input / an injection involved.
Another great value in real-life exploits is the "chaotic" energy, where defenders have some established rules by which attackers are likely to construct their exploits (which often turn out to be subtly wrong).
=> More information about this toot | View the thread | More toots from freddy@security.plumbing