Browser Use-after-free exploitation blueprint, hot off my yesterday’s lecture at Zero Day Engineering online session.

Top level attack surfaces in Chrome (remote/sandbox) and how they are related

guess I’ve just made plans for midnight

Security patch analysis to exploit pro tips, by Alisa Esage Шевченко

Playing with Safari exploits on my Linux-based Browser Exploitation training VM

h0mbre Picture yourself making a discovery as magnificent as FORCEDENTRY. Not money or fame. Just the very experience of being that person.

It's important to understand that one is burnt out not just because of energy expenditure. One is drained by a lack of success. If you take time out after not finding the bug you were dreaming of, you will not heal. Only the honor of great discovery is going to reinvigorate you.

Systems modeling perspective on software as exploit engineering insight

“Zero Day Engineering isn’t about hunting bugs or ‘exploit dev’. It’s the art of seeing structure beneath patterns, architecting potential through computational constraints, and designing systems that express it as sovereignty.” — Alisa Esage Шевченко

JIT vulnerabilities happen when compilers trust identity more than context

The art of sovereignty

⚡️ 0-Day Alert - Google Chrome exploit in the wild CVE-2025-5419: Memory corruption in v8 Patched in Chrome Stable Channel 137.0.7151.68/.69

When working on certain hard exploits, you might dread & fold from how difficult the task is; true, some exploits are nearly PhD-level problems, verily so. But there will be no gain without this pain. You either go through it or go away. There is no royal path.

Strict discipline and relentless commitment.

For you interested in JS exploitation I have started a series dissecting as much as possible current state of the art. We are looking for you at fuzzsociety.org Lesson + Linux based container youtu.be/m9c8J1Ysk5A Slides bit.ly/3GNIoGd

For YOU interested in JS exploitation: 2nd episode dissecting the current state of the art. Ready for fakeobj() ? We are looking for you at fuzzsociety.org to learn vulnerability research together, from scratch. youtu.be/hZU_KsShXGk +slides +docker