Across industries and around the world, we’re creating better experiences for people using emerging technologies and human ingenuity. Together, we can reinvent anything.

Two weeks ago we organized our first ever CTF KITCTFCTF 2022. Even though it was a challenging and stressful task, I certainly had a blast preparing challenges and watching the playing teams progress.
One of my challenges called Date was a V8 exploitation…

A deep-dive technical analysis of CVE-2025-50168, a Windows kernel vulnerability (Type Confusion in DirectComposition) presented at Pwn2Own Berlin 2025. This post details how a 4-byte OOB write is escalated into an AAR/AAW primitive using IoRing to achieve…

Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. - eversinc33/Banshee

Jeremy Blackthorne goes over the major features of Ghidra in his highly interactive 2 hour workshop Reversing with Ghidra.

Android 14 kernel exploit for Pixel7/8 Pro. Contribute to 0x36/Pixel_GPU_Exploit development by creating an account on GitHub.

Join me with my guest Duncan Ogilvie, developer of x64dbg, as he shows us around the tool and shares some Windows debugging techniques. x64dbg is the only actively maintained userland debugger outside of WinDbg, and aims to be much more intuitive and easy…

Flutter is a cross-platform application development platform. With the same codebase, developers write and compile native applications for Android,...

Native code virtualizer for x64 binaries. Contribute to snowsnowsnows/EagleVM development by creating an account on GitHub.

x86/x64 emulation internals on Windows 11 ARM # Introduction # Since the introduction of Intel processors for the MacBooks, malware analysis on Mac has become quite popular, and it has become the hardware of choice for malware analysts. With the...

In-detailed analysis for the famous loader, SmokeLoader

Intro Recently, I had the pleasure to attend the training on Windows Kernel Exploitation at nullcon by the HackSysTeam. The training was well executed, and I got the intro into the world of kernel. But, as you know, nobody could teach you internals about…

ARMO reveals how io_uring enables rootkits to bypass major Linux security tools like Falco, and Defender. Learn about the Curing rootkit and detection strategies.

KernelMode Rootkits explained. This is the first part of this rootkit writing tutorial and it covers SSDT/Shadow hooks.