Pwned！ GeekCon24 in Shanghai GEEKCON

GEEKCON is hiring Research & Operations Interns! Join the world’s top hacker event, dive into smart devices, Web3, AI & more, and work with top cybersecurity talent! Details in pic. 📍 West Bund, Shanghai 🗓️ 3+ months, on-site 💌 Apply: [email protected] Stay curious, stay

Our slides about WASM bugs in browsers are now available. Thanks to everyone who helped with the talk.🫡 Hope we can do better next time. 1. BH USA 2024: i.blackhat.com/BH-US-24/Prese… 2. GeekCon Shanghai 2024: geekcon.top/js/pdfjs/web/v… cc my partners (P1umer xmzyshypnc Q1IQ)

Dropped my slide for POC2024 on Linux kernel exploitation, including a journal from Pwn2Own Vancouver earlier this year. Enjoy 🙂. u1f383.github.io/slides/talks/2…

🎄 All I Want for Christmas is a CVE-2024-30085 Exploit 🎄 As always, we at starlabs are sharing what we learnt. This time, it's brought to you by Cherie-Anne Lee starlabs.sg/blog/2024/all-…

Think you’ve got what it takes to pop shells and snag your ticket to... RE//verse and Off-By-One Conference ? 😏 github.com/star-sg/challe…

I'm unable to join the conference Insomni’hack 2025, so I write a part of content into a blog, hope you enjoy my blog. v-v.space/2025/02/18/Azu…

Excited to announce our talk has been accepted by Black Hat #BHUSA!🥳🥳🥳 In my part of presentation, I’ll cover logic-based pre-auth remote vulnerabilities uncovered via novel abuse of Windows native HTTP API. Can't wait to see y'all in Las Vegas! blackhat.com/us-25/briefing…

Congrats to my mentor 0x140ce for topping the MSRC Q1 leaderboard! 🫡

v-v.space/2025/05/15/CVE… RDG RCE sharing

I am beyond thrilled to share that Netanel Ben Simon and I have been accepted to present at Black Hat USA 2025! We will present our talk "BitUnlocker: Leveraging Windows Recovery to Extract BitLocker Secrets", where we share our VR journey of WinRE! See you there! #BHUSA

Our talk "Dark Corners: How a Failed Patch Left VMware ESXi VM Escapes Open for Two Years" has been accepted by BlackHat USA 2025! Super excited to present this work with 0x140ce and Ezrak1e. See you at #BHUSA! Black Hat blackhat.com/us-25/briefing…

Outstanding! Nguyen Hoang Thach (Thach Nguyen Hoang 🇻🇳) of STARLabs SG used a single integer overflow to exploit #VMware ESXi - a first in #Pwn2Own history. He earns $150,000 and 15 Master of Pwn points. #P2OBerlin

Claude Code is insane. The help I get from it far exceeds directly chatting with Sonnet. This is the best LLM agent I've ever used.

A bit late, but I just published my blog post on bypassing Ubuntu’s sandbox! Hope you enjoy it! u1f383.github.io/linux/2025/06/…

Had another VMware VM escape talk at BlackHat today. Hope you found it interesting😉. I’ll let you know when the slides are available. #BHUSA #BlackHatEvent #VMware

Our “Dark Corners: How a Failed Patch Left VMware ESXi VM Escapes Open for Two Years” slides are now available! This research was a collaborative effort with 0x140ce, Ezrak1e and myself. In this talk, we introduce the ESXi virtual machine escape and sandbox escape

Thank you Daniel Cuthbert, finally met the legend in person. 🫡

Our slide is online: i.blackhat.com/BH-USA-25/Pres… Glad to share our pre-auth DoS & RCE bug hunting research at #BHUSA! Thanks Black Hat for the pre-recording, as we couldn’t attend in person this time for personal reasons. Questions? DM us VictorV wei zhiniang peng