Analysis of CVE-2024-30078, a Windows Wi-Fi driver vulnerability. Detailed root cause analysis and exploitation constraints.

Join us with Alisa Esage for a livestream on "Fuzzing from First Principles!" This session will have a theoretical part and a practical part (light-weight). In the theoretical part Alisa will walk through a few slides to quickly plunge into the mathematical…

My journey into Android exploitation at the binary level started with a deep passion for the subject. I was determined to simplify the process as much as possible, but it turned out to be quite challenging.

I am currently working on an emulation environment similar to Qiling.
Unlike Qiling, it emulates the entire user-space, not just the target application.
As Qiling reimplements all APIs (kernel32, vcruntime, …) outside the emulator, it gains a lot of speed…

My experiences using angr for real-world use cases in 2024, and extending it to diagnose problems / show what it’s doing

Introduction Memory management in XNU Page tables Physical use-after-free Exploitation strategy Heap spray Kernel memory read/write Conclusion Bonus: arm64e, PPL and SPTM

Learn about UEFI reverse engineering and exploit development so that you too can build the skills necessary to find and exploit UEFI bugs, understand common UEFI vulnerabilities, and better secure the firmware security supply chain.

Pre-RequisitesSystem calls, eBPF, C, basics of low-level programming. IntroductioneBPF (Extended Berkeley Packet Filter) is a technology that allows users to run custom programs within the kernel. BPF

Guest post by Nick Galloway, Senior Security Engineer, 20% time on Project Zero Late in 2023, while working on a 20% project with Projec...

This research will discuss an overlooked attack surface that allowed us to find more than ten vulnerabilities within two months. Additionally, we will delve into a proxy-based logical vulnerability type that allows us to bypass most validations, enabling…