🚀 We're back with a fresh blog redesign! Dive into @Diego_AltF4's latest post, which offers an in-depth analysis of CVE-2023-22098, including a reliable PoC to escape VirtualBox. 🛠️ Unleash your virtualization magic now! Link below ⬇️
Blog post coming soon with an in-depth analysis and exploit development for CVE-2023-22098, discovered by the incredible @theflow0!
Stay tuned, VM wizards!
Leaking Host KASLR from Guest VMs Using Tagged TLB by @renorobertr
Article Highlight #14 - check it out in Paged Out! #4 page 58
https://t.co/aDN16hz7K7
🚀 New blog alert! 🚀
Dive deep with our latest posts:
🍎 "TCC Overview and Internals" - Learn how one of the main macOS protections work
🐝"Intro to Development Using eBPF" - Start your journey with eBPF and Docker!
Hope you enjoy the new content made by @esquilichii
El pasado lunes, @mundohackertv fue testigo de una ponencia inolvidable sobre la explotación de hipervisores, cortesía de nuestros compañeros @Diego_AltF4 y @t0ct0u.
Una charla que nos dejó a todos con la boca abierta y con ganas de más.🤓
Enhorabuena!👾
Part 4 of our N-Day Exploit Series is LIVE! 🔥
➡️ https://t.co/7qm9IzDqYu
Unveiling CVE-2023-34044, an information leakage vulnerability in #VMware Workstation’s #VBluetooth device, found by our own @pr0ln!
It’s a variant of CVE-2023-20870 demonstrated by @starlabs_sg in #Pwn2Own2023 Vancouver.
Dive into the details.
#Theori #티오리 #VulnerabilityResearch #ndayfullchainexploit
Just launched a new research blog with my colleagues and friends.
Vulnerability research, OS internals and malware shenanigans will be the main topics of the blog, check it out!
hxxps://zeroclick.sh/
@zeroclicksh
👩💻🧑💻La @guardiacivil ha concluido esta semana su #VNationalCyberLeagueGC, competición en la que se simula un ciberincidente
Los ganadores por categoría han sido
🔘 Pre-Amateur: @ColegioRetamar
🔘 Amateur: alumnos de @urjc
🔘 Profesional: @EMADmde
https://t.co/wmYeYDyZvV
Easy right? Well then here is the writeup for a CTF pwn challenge that requires both linux heap and FSOP exploitation techniques.
@pop_rdi_ret is the creator of both the challenge and the write up.
https://t.co/3G96Ev7MEq
New post is up!! . Tired of not solving FSOP challenges on the latest libc? You don't need to look any further;)
Intro to FSOP exploitation and House of Paper by @pop_rdi_ret
https://t.co/6qD3MmO1KK
Keep calm and Qemu on!!
If you want to see how to exploit a vulnerable PCI device and escape from Qemu, take a look at the writeup that @Diego_AltF4 and @t0ct0u have prepared about their HackOn 2024 challenge.
https://t.co/xGPbRvCCMg
¡Sumate al nuevo stream de @MrNox_: @PwnLive_, un canal para hablar de reversing, exploiting, análisis de malware, programación, y hacking! 🔥
Además de su primer invitado Diego Porras y su charla "Virtualization Security para bebés", ¡habrá SORTEO en vivo! Podés ganarte swag de la #EKO 😎
📅 Agendate el jueves 31 de agosto
⏰A las 18:00hs
¡No te lo pierdas! 💥 >> https://t.co/Fu6ubmJjum
Happy to finally publish my work on the two vulnerabilities in the Linux kernel I've found: CVE-2022-1015 and CVE-2022-1016! I'll be talking some background, a deeper look into nf_tables, and a local privilege escalation PoC! (code on my github)
https://t.co/8cummKtTHT
I just pwned the latest Ubuntu at Pwn2Own despite the unexpected release yesterday! This is my first in-person Pwn2Own event! And I'm so grateful to @thezdi for this amazing event!