Here are the slides for my lightning talk at Hexacon docs.google.com/presentation/d… Was tons of fun. Not sure if it was recorded. If you are interested in exploiting. Net check out github.com/SereSharp/NetP… and ysoserial.net

A blog post with the technical details of my Hexacon talk is now live. Thank you all for the positive feedback on the talk :)

THC RELEASE: 🎁Execute arbitrary backdoors 🚪on targets that do NOT allow execution 🙈 (noexec). Without ptrace() or mmap(). With only BASH _or_ PHP.👉Trick BASH to make (any)❗️SYSCALLS ❗️to the kernel. 🤪 #ISPScare iq.thc.org/bypassing-noex…

quarkslab And the exploits can be found here: github.com/quarkslab/sams…

Here is the promised code and data of our binary analysis technique ReSym github.com/lt-asset/resym Honoured to received the #CCS2024 Distinguished Paper Award! ACM CCS 2025 CERIAS at Purdue U. Purdue Computer Science #binaryanalysis #llm #llm4code

Did you notice that the techniques used to evade AI censorship are basically the same patterns as the ones used in psychomanipulation? "Boiling the frog", fabricating higher cause to justify the means, etc, etc. [1/2]

Today I published my first #Rust #crate to crates.io! crates.io/crates/rhabdom… I’ll eventually publish an article on the HN Security blog about it, but first there’s more work to do 💪 Many thanks to Sam Thomas for accepting my PRs to github.com/binarly-io/ida…

Dropped my slide for POC2024 on Linux kernel exploitation, including a journal from Pwn2Own Vancouver earlier this year. Enjoy 🙂. u1f383.github.io/slides/talks/2…

DMAAUTH: A Lightweight Pointer Integrity-based Secure Architecture to Defeat DMA Attacks Slides usenix.org/system/files/u… Paper usenix.org/system/files/u… Video youtu.be/kc3qtpWkrkQ usenix.org/conference/use…

We needed tools to perform advanced security investigations on iOS. But those tools didn’t exist yet... or weren’t openly available. So we created our own. We’ve fully emulated iOS on #QEMU using only open-source technologies. And this is just the beginning.

My WarCon slides about Ivanti Avalanche are public! I tried to do some mapping of the attack-surface, show the new auth mechanism and present some research ideas (things I didn't try). It also shows my first-ever fuzzing and memory corruption experience😆 github.com/thezdi/present…

This research allowed me to find critical bugs in several electron applications by finding public n-day exploits for older versions of chrome and adapting them to the electron framework. github.com/p3rr0x/Blog/tr… #BugBounty

Slides & video from our GreHack talk "Attacking Hypervisors - A Practical Case" are online! Learn how we exploited vulnerabilities to escape VirtualBox during Pwn2Own Vancouver 2024: reversetactics.com/publications/2…

Earlier this year, I used a 1day to exploit the kernelCTF VRP LTS instance. I then used the same bug to write a universal exploit that worked against up-to-date mainstream distros for approximately 2 months. osec.io/blog/2024-11-2…

Slides for my talk at H2HC 2024: Diving into Linux kernel security 🤿 I described how to learn this complex area and knowingly configure the security parameters of your Linux-based system. And I showed my open-source tools for that purpose! a13xp0p0v.github.io/img/Alexander_…

I have posted the slides for the talk chompie and I gave this past weekend at H2HC -> The Kernel Hacker’s Guide to the Galaxy: Automating Exploit Engineering Workflows #H2HC github.com/FuzzySecurity/…

I've just published a new blog post detailing how I developed a deterministic kernel exploit for iOS. Enjoy! alfiecg.uk/2025/03/01/Tri…

looks like the AI + MCP-assisted reverse engineering hype train is gaining steam! 🚂✨ in just the past few days, we've seen: • itszn integrating MCP into Vector 35’s Binary Ninja (x.com/itszn13/status…) • Mx-Iris casually dropping his IDA MCP project, which I had to

Check out our first blog post about V8 CVE-2024-12695: bugscale.ch/blog/dissectin…

Our latest post details how we exploited Retbleed (a CPU vulnerability) to compromise a machine from a sandboxed process and VM! Curious? 👇 bughunters.google.com/blog/624373010…