BinaryChunk (@binarychunk) 's Twitter Profile
BinaryChunk

@binarychunk

Security Researcher

ID: 1370715715305676803

https://mutur4.github.io/ 13-03-2021 12:37:58

122 Tweet

732 Followers

335 Following

Linux Kernel Security (@linkersec) 's Twitter Profile Photo

Linux Kernel Exploit (CVE-2022-32250) with mqueue. An article about exploiting a slab use-after-free bug in the netfilter subsystem. blog.theori.io/linux-kernel-e…

saudi🇰🇪 (@trevorsaudi) 's Twitter Profile Photo

Releasing my new project to the public. "Mshikaki" is a shellcode injector that utilizes APC injection, XOR encryption, remote/on-disk shellcode loading, arbitrary process injection, and can bypass AMSI. github.com/trevorsaudi/Ms…

BinaryChunk (@binarychunk) 's Twitter Profile Photo

Linux Process Injection: Emulating the Windows VirtualAllocEx and CreateRemoteThread to inject into a Linux Firefox process. mutur4.github.io/posts/linux-ma…

Chalie (@pwnipc) 's Twitter Profile Photo

💫 Here are my slides from my #BSidesNairobi2025 : "From Likes To Leaks" 💫. Solving the ‘hack my boyfriend’s WhatsApp’ question canva.com/design/DAFzbnj…

0xor0ne (@0xor0ne) 's Twitter Profile Photo

Short blog post introducing how to add pseudo-syscalls and struct definitions to Syzkaller for Linux kernel vulnerability research. Credits Lau pwning.tech/ksmbd-syzkalle… #Linux #cybersecurity

xvonfers (@xvonfers) 's Twitter Profile Photo

(CVE-2023-6702)[1501326][$16000][promises, async stack traces]Type Confusion in V8 is now open with a PoC: issues.chromium.org/issues/40941600 This vulnerability has existed since the `Promise.any` function was introduced. chromium-review.googlesource.com/c/v8/v8/+/2198… PoC: ./d8 poc.js issues.chromium.org/action/issues/…

blackorbird (@blackorbird) 's Twitter Profile Photo

#Lazarus exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools. CVE-2024-21338 Beyond BYOVD with an Admin-to-Kernel Zero-Day decoded.avast.io/janvojtesek/la…

0xor0ne (@0xor0ne) 's Twitter Profile Photo

ptrace, mmap and the clone system calls for process injection in Linux Credits BinaryChunk mutur4.github.io/posts/linux-ma… #Linux #infosec

Man Yue Mo (@mmolgtm) 's Twitter Profile Photo

In this post I'll use CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported last November to gain arbitrary kernel code execution from an untrusted app on a Pixel 8 with MTE enabled. github.blog/2024-03-18-gai…

Theori (@theori_io) 's Twitter Profile Photo

We've started a blog series on N-day full chain exploits. The first part is about chrome renderer exploit, CVE-2023-3079. Check it now!👇👇 blog.theori.io/chaining-n-day… #Theori #티오리 #Blog #Research #Fermium252 #Chrome #VirtualMachine #CVE #Vulnerability

Lau (@notselwyn) 's Twitter Profile Photo

Exciting news! 🚀 Just dropped my blogpost unveiling the universal Linux kernel LPE PoC for CVE-2024-1086 (working on v5.14 - v6.7) used for pwning Debian, Ubuntu, and KernelCTF Mitigation instances, including novel techniques like Dirty Pagedirectory 🧵 pwning.tech/nftables

Kuba Gretzky (@mrgretzky) 's Twitter Profile Photo

This screenshot shows how external bots try to scan a phishing page, hosted by Evilginx Pro. Every request is made from a different IP address, which ultimately proves that IP blacklisting is dead as a method to block scanners. JA4 & browser telemetry analysis is the way to go.

Seth Jenkins (@__sethjenkins) 's Twitter Profile Photo

My new Project Zero blog post, Driving Forward in Android Drivers is live! 🥳 googleprojectzero.blogspot.com/2024/06/drivin…