A big honor to coauthor with @abc_sup and Gulshan the very first blog from Android Red Team on analysis and exploitation of CVE-2023-20938 in Android Binder driver at 🔥 .The slide-deck presented at @offensive_con is available at

RT @a13xp0p0v: Slides for my talk at @h2hconference 2024:. Diving into Linux kernel security 🤿. I described how to learn this complex area….

Introducing Grok Imagine.

RT @gr4yf0x: Custom Linux kernel fuzzing with libFuzzer by @R00tkitSMM

RT @domenuk: Slides for my @ekoparty talk "Advanced Fuzzing.With LibAFL".- >.

RT @ayper: Excited to share our latest post on memory safety! We're tackling spatial safety in our massive C++ codebase by hardening libc+….

RT @spaceraccoonsec: “Break into the world of vulnerability research. and become a zero-day hunter.” I have a new book with @nostarch!. B….

RT @R00tkitSMM: TL;DR I Implemented a super reliable macOS kernel binary rewriting to instrument any KEXT or XNU at….

RT @andreyknvl: Getting made fun of because you cover laptop webcam with a sticker? 😭. Here are materials from my talk about controlling Th….

RT @bsdaemon: A while ago I've given a talk on how to build exceptional security research teams: - I continue convi….

RT @domenuk: Project Zero blog:.LLMs find 0days now! 👀. And: our fuzzer setup did *not* reproduce it! https://t.c….

RT @theflow0: LibRaw RCE vulnerabilities found by @polict_ from our team:.- -

RT @Flipacholas: As promised, here is a new article: PlayStation Vita (Part 1). Enjoy!.

RT @halbecaf: CVE-2024-9143 ( was disclosed recently, which was found by OSS-Fuzz-Gen! This is a pretty proud examp….

RT @klecko0: I've written a post on SELinux and some public bypasses for Android kernel exploitation. It's especially relevant for Samsung….

RT @domenuk: Excited to give this talk 🔥🔥🔥.

RT @matrosov: IDAlib is the first idiomatic Rust bindings library for @HexRaysSA IDA SDK, helping go beyond C/C++ or Python in RE automatio….

RT @matrosov: 💥PoC is now public! . target = " https://{ip_address}/cgi/login.cgi".command = "touch /tmp/BRLY". libc = 0x76283000 # we tr….

RT @domenuk: We have cleaned up the #LibAFL example fuzzers!.This makes things easier to find and understand. Thanks to @rmalmain . Take a….

RT @jeffvanderstoep: I’m super excited about this blogpost. The approach is so counterintuitive, and yet the results are so much better tha….

Exciting story on collaboration between Google Android Offsec and ARM product security on proactively securing Mali GPU attack surface in Android and beyond. Among proactively identified and mitigated issues is CVE-2024-0153 in GPU firmware.

Continuing the series on exploiting Android Binder with Binder internals blog Deep dive into Binder driver by @abc_sup and Gulshan. We also release -- tiny lib featuring how to do IPC via Binder driver. Happy Binder hacking!.