Come learn how to hack the XNU kernel, like a pro 🍎
with beautiful diagrams to guide every step. :)
📅 Nov 10-12 (3 days)
📍 Four Seasons Hotel Seoul, South Korea
🔗 More info powerofcommunity.net/#training
Oh, We have a long weekend ahead in Germany/Berlin.
Maybe I can finish my unpublished blog posts.
Share blogs or papers that I can read and enjoy.
My new blog post, which I presented at #Zer0Con2025
A binary level macOS KEXT kernel address sanitizer
r00tkitsmm.github.io/fuzzing/2025...
Will be in Korea next week for Zer0Con. Ping me and let’s chat about software security.
Paged Out! #6 has arrived! And it's jam-packed with content!
You can download it here:
pagedout.institute?page=issues....
Happy to share my slides from BOOTSTRAP25. Unfortunately the bug discussed is still not patched in Linux 6.14.0 despite it being reported explicitly. Slides are in markdown but there's a PDF in "releases" too github.com/jduck/bs25-s...
[RSS] The Evolution of Dirty COW (1)
u1f383.github.io ->
Original->
Did you know that pressing CTRL+D in linux terminal is like pressing ENTER? (to some extent, of course)
Well, I didn't, so after randomly investigating what CTRL+D actually does, I've decided it's a fun topic to write about:
hackarcana.com/article/ctrl...
This is so cool: The LibAFL_QEMU ASan implementation was ported to rust
github.com/AFLplusplus/...
#LibAFL #QEMU #ASan #Rust
I will talk about macOS Kernel fuzzing at the zer0con.org#schedule-sec... conference.
Very interesting thank you
I usually dig into a topic I research by googling and reading blogs, manuals, sources,… and have not read a technical book for a year.
What would you recommend for low level software/CPU/OS security/exploit topics?
All videos from The 38th Chaos Communication Congress (38C3) 2024:
media.ccc.de/b/congress/2...
#cybersecurity #informationsecurity #hacking #exploitation #iOS #android #apple #exploitation #reverseengineering #vulnerability
Doing Apple Silicon’s security research for days non stop. Hope it becomes a blogpost at some point.
I sometimes print them. But I think iPad is the only option to deal with PDFs.
Steve Glass, talks about potential vulnerabilities in TLV parser of AWDL in jun 2019,
And some months later ian beer reported that famous vulnerability in exactly TLV parser of AWDL.
Conferences are sources of ideas.
It’s not* the best option. :)
Where do you read papers? I have kindle and it’s the best option.
Thank you it’s too late for me now.
I’m in Hamburg, but wouldn’t attend #38c3 due to ticket issue :)
Re-sharing to keep bluesky rolling
go.bsky.app/EhGFSVj
I have read and watched a lot of papers and presentations this week about
Compiler 🤝 OS 🤝SoC
security.
www.youtube.com/watch?v=bytW...
www.youtube.com/watch?v=C1nZ...
These two are about PAC
Pishi2 needed more compiler/LLVM
Knowledge.
This is very good reference.
llsoftsec.github.io/llsoftsecbook/
Have written new macOS binary level fuzzing blog post.
Second part of
r00tkitsmm.github.io/fuzzing/2024...
Don’t know when to publish it
Took 3 weeks off, bought a new MacBook. It’s to to fuzz the kernel.
