🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Dropped my slide for POC2024 on Linux kernel exploitation, including a journal from Pwn2Own Vancouver earlier this year. Enjoy 🙂. u1f383.github.io/slides/talks/2…

Earlier this year, I used a 1day to exploit the kernelCTF VRP LTS instance. I then used the same bug to write a universal exploit that worked against up-to-date mainstream distros for approximately 2 months. osec.io/blog/2024-11-2…

Our talk at #BHEU is done! Hope you all enjoyed it. 😉 A detailed blog is on the way, but in the meantime, check out the pre-alpha website worst.fit for early access and the slides! Huge thanks to Black Hat and my awesome co-presenter splitline 👁️🐈‍⬛! 🐈‍

I have posted the slides for the talk chompie and I gave this past weekend at H2HC -> The Kernel Hacker’s Guide to the Galaxy: Automating Exploit Engineering Workflows #H2HC github.com/FuzzySecurity/…

Thanks to Security Response ! Happy New Year!

It doesn't happen very often, but Project Zero is hiring! goo.gle/41DBQBY Please share with anyone you think would be awesome for the role 🎉 Looking for at least one person. DMs open if you want to reach out about the role. The team: youtu.be/My_13FXODdU

The detailed version of our #WorstFit attack is available now! 🔥 Check it out! 👉 blog.orange.tw/posts/2025-01-… cc: splitline 👁️🐈‍⬛

Our latest deep dive explores libarchive vulnerabilities under recent Windows 11 updates. 🔍🔓 Check out NiNi's (NiNi) technical write-up for key insights and security implications. Read more here: devco.re/blog/2025/02/1… #VulnerabilityResearch #Cybersecurity

My writeup of the 2023 NSO in-the-wild iOS zero-click BLASTDOOR webp exploit: Blasting Past Webp - googleprojectzero.blogspot.com/2025/03/blasti…

Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native shellcode using this one weird trick -- exploiting the V8 engine of a vulnerable trusted application. ibm.com/think/x-force/…

The slides for my OffensiveCon talk "Finding and Exploiting 20-year-old bugs in Web Browsers" docs.google.com/presentation/d…

We posted our slides! entrysign.top

#OffensiveCon25 videos are now up! youtube.com/playlist?list=…

The Windows Registry Adventure #7: Attack surface analysis googleprojectzero.blogspot.com/2025/05/the-wi…

"For anyone who dares to call themselves a researcher, this exam should be easy enough to make you laugh." blog.terrynini.tw/en/2025-OSEE-E… My new blog post shares my thoughts on OSEE. Where is the learning path? Where is the value of the course? Is the course still relevant today? Will

The final part of j00ru//vx’s Windows Registry series is live! Contains all the hive memory corruption exploitation you’ve been waiting for googleprojectzero.blogspot.com/2025/05/the-wi…

Looks like BlueHat IL talks are online now, so here’s my talk for anyone who wanted to learn about the latest episode of KASLR and couldn’t make it: youtu.be/Dk2rLO2LC6I

The slides for offensivecon talk "Hunting for overlooked cookies in Windows 11 KTM and baking exploits for them" by Cedric Halbronn and I are here: docs.google.com/presentation/d…

Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by Guillaume André and Wil. synacktiv.com/publications/n…