Documented a small bit of practice on using UNIX pipes as a kernel r/w primitive on iOS (of course using my favorite research tool, Corellium): tfp0labs.com/blog/unix-pipe…

xnu-8019.41.5 source is out, which includes the implementation of kalloc_data_require used to check pipe buffer pointers :D github.com/apple-oss-dist…

Kernel code coverage collected on Corellium and loaded into 's Lighthouse 👀

Corellium researcher Chris Williams takes a look at a vulnerability in XNU, the kernel used by #iOS and #macOS, and explores how Corellium #kernel hooks can help to disable exploit mitigations. More here: corellium.com/blog/using-cor…

What we’ve been reading in November 2023 tfp0labs.com/blog/monthly-r…

An extremely in-depth post about the Android Scudo allocator: vectorize.re/blog/internals…

What we've been reading in December 2023 tfp0labs.com/blog/monthly-r…

What we've been reading in January 2024 tfp0labs.com/blog/monthly-r…

Join us on February 28, 10 AM EST for our webinar on how to use Corellium GlitchChat, our first intentionally vulnerable messaging app built for safe 0-click exploit experimentation using features provided by Corellium. corellium.com/corellium-mess… #Webinar #GlitchChat

Excited to have worked with Corellium on this, special thanks to our own Marco Chomut as lead developer and webinar-presenter

Enhance your #securityresearch skills with Corellium #GlitchChat! Join experts from TFP0 Labs on 4/11 to learn how the #iOS app can be used in #securityanalysis work: carah.io/41ea00

Join Corellium on 4/11 for a webinar on #GlitchChat, an #intentionallyvulnerable #iOS app. Explore the world of 0-click exploits with experts from TFP0 Labs: carah.io/41ea00

Recently NIST posted a grant for cybersecurity education. It requires partnering with an academic institution or nonprofit. OpenSecurityTraining2 is a 501(c)(3) nonprofit, and is seeking companies to partner with grants.gov/search-results…

New blog post: Extracting Sandbox Profiles on iOS with Cellebrite Labs' fork of SandBlaster tfp0labs.com/blog/sandblast…

Extracting Sandbox Profiles on iOS with Cellebrite Labs fork of SandBlaster by TFP0 Labs tfp0labs.com/blog/sandblast… #iOSSecurity #Sandboxing #BinaryNinja

Master iOS fuzzing with our Chief Evangelist, Brian Robison, & Calen Young from TFP0 Labs! Join our webinar & transform complex fuzzing concepts into practical skills to help elevate your mobile R&D skills. 📅 Jan 29th, 10 AM EST Register Now ⬇️ corellium.com/ios-fuzzing-te…

Master #iOS fuzzing with Brian Robison from Corellium & Calen Young from TFP0 Labs! Discover cutting-edge tools and techniques for vulnerability discovery in mobile apps. 📅 When: Jan 29th, 10 a.m. EST Perfect for beginners & pros alike. Register today! corellium.com/ios-fuzzing-te…

Just over one hour left before our webinar with Corellium, for anyone interested in fuzzing on iOS