Fortunately, I managed to finish a core of the series this year💪 Here we have an introduction to #Apple #macOS hybrid #kernel #XNU: info about #Mach and #BSD integration, #security features, and #debugging techniques. I wish you all a Happy New Year! karol-mazurek.medium.com/snake-apple-x-…

I published a new detailed blog post on Pointer Authentication Code (PAC) on ARM and How it helps in mitigating ROP (Return-Oriented Programming) Url: zeyadazima.com/exploit%20deve… #hack #Exploit #vulnerable #c #pointers #memory

📄 Task Injection on macOS 🔍 Dive into how attackers can leverage Task Ports for process code injection. Learn security rules, lldb & debugserver mechanics, and some red tricks! #macOS #Cybersecurity #TaskInjection #InfoSec Enjoy & read it now here: afine.com/task-injection…

GhidraDeepSeekDecomprove A #Ghidra #Script to improve #decompiled #code readability by re-writing it (Using #DeepSeek ) in a better way, Along with renaming/assigning #variables based on their usage. Url: github.com/Zeyad-Azima/Gh… #Hacked #Security #CyberSecurity #exploit

Georgia Tech and Ruhr University Bochum researchers have uncovered new side-channel attacks on #Apple Silicon. My latest blog post briefly introduces these #vulnerabilities along with links to the full #research papers. Check it out to learn more: afine.com/slap-flop-appl…

🚀 New blog post! 🚀 Deep dive into a #macOS IONVMeFamily #driver Denial of Service issue! It is not a security risk but a great case study for macOS driver analysis🕵️‍♂️ Enjoy! #RE #Vulnerability #Research #Kernel #Fuzzing #PoC afine.com/case-study-ana…

This is a short blog post about a cheap #redteam trick I found last year during #phishing assessments to bypass #Outlook spam filters and deliver links to malicious #ISO files. #Microsoft does not want to patch it, so it is good to be aware of it: afine.com/bypassing-spam… Enjoy!

I just published a blog post about unpatchd Vulnerability, A Security Bypass which leads to RCE ( just found it ) in apache hugegraph server, fully working on the latest version and previous ones. You can read the research (Includes the PoC). Tested on live targets: Blog:

Old But Gold, Dumping LSASS With Windows Error Reporting On Modern Windows 11 zerosalarium.com/2025/09/Dumpin…

Windows Heap Exploitation - From Heap Overflow to Arbitrary R/W Recall your internals =) mrt4ntr4.github.io/Windows-Heap-E…

Introduction to windows shellcode development series. Part 1 :securitycafe.ro/2015/10/30/int… Part 2 :securitycafe.ro/2015/12/14/int… Part 3 :securitycafe.ro/2016/02/15/int…

I uploaded a blogpost on macOS x86_64 shellcoding that explores the fundamentals of writing shellcode on modern macOS systems. Note: it's very boooooring and full of details.  Topics include: - Lab setup and XNU source code navigation - Understanding syscall class routing

Last year, I released my comprehensive notes for the Offensive Security Exploit Developer (OSED) course. Those notes were essentially a hands-on, step-by-step practical guide that walked users through the entire process of crafting exploits from scratch. It was designed to be a

Exciting News! With 1k stars ⭐ on github Offensive Resources V4 is Now Live!, Last time I updated it was around 3 years ago. Offensive Resources V4 - a major upgrade from V3 with 1k stars ⭐ on github and extensive new content for cybersecurity professionals and researchers!

Just uploaded HopperSRK(Security Researchers Kit), It's a simple suite of hopper plugins i built to help in malware analysis and researching for vulnerabilities on macOS binaries. The Following are avaliable: - File Operations Analyzer: Detects file system operations including pic.x.com/nF2sHrPM4p

I just published AgentsBear a framework(engine like docker) to build & run autonomous AI agent pipelines from a single YAML file. No more boilerplate Python for wiring LLMs, tools, parsing, and chaining. Define steps, prompts, dependencies & run with one command. Supports