Come learn how to hack the XNU kernel, like a pro 🍎
with beautiful diagrams to guide every step. :)
📅 Nov 10-12 (3 days)
📍 Four Seasons Hotel Seoul, South Korea
🔗 More info powerofcommunity.net/#training
July 31, 2025 at 6:36 AM
Here is the source code of my fuzzer ai development for macOS.
github.com/R00tkitSMM/P...
GitHub - R00tkitSMM/Pishi: Pishi is a code coverage tool like kcov for macOS.
April 17, 2025 at 3:14 PM
Oh, we have a long weekend ahead in Germany/Berlin.
Maybe I can finish my unpublished blog posts.
Share blogs or papers that I can read and enjoy.
April 16, 2025 at 11:15 AM
My new blog post, which I presented at #Zer0Con2025
A binary level macOS KEXT kernel address sanitizer
r00tkitsmm.github.io/fuzzing/2025...
Pishi Reloaded: Binary only address sanitizer for macOS KEXT.
In part 1 of my tutorial-style blog post about fuzzing, I discussed how we can instrument macOS KEXTs to collect code coverage at the basic block or edge level.
April 10, 2025 at 7:21 AM
Will be in Korea next week for Zer0Con. Ping me and let’s chat about software security.
April 3, 2025 at 5:42 PM
Reposted by Meysam
Paged Out! #6 has arrived! And it's jam-packed with content!
You can download it here:
pagedout.institute?page=issues....
March 29, 2025 at 12:17 PM
Reposted by Meysam
Happy to share my slides from BOOTSTRAP25. Unfortunately the bug discussed is still not patched in Linux 6.14.0 despite it being reported explicitly. Slides are in markdown but there's a PDF in "releases" too github.com/jduck/bs25-s...
GitHub - jduck/bs25-slides: Slides from "Musing from Decades of Linux Kernel Security Research" at BOOTSTRAP25
March 25, 2025 at 7:26 PM
Reposted by Meysam
Did you know that pressing CTRL+D in a Linux terminal is like pressing ENTER? (to some extent, of course)
Well, I didn't, so after randomly investigating what CTRL+D actually does, I've decided it's a fun topic to write about:
hackarcana.com/article/ctrl...
March 11, 2025 at 11:47 AM
Reposted by Meysam
This is so cool: the LibAFL_QEMU ASan implementation was ported to Rust
github.com/AFLplusplus/...
#LibAFL #QEMU #ASan #Rust
Librasan by WorksButNotTested · Pull Request #3023 · AFLplusplus/LibAFL
Implementation of ASAN target side components in rust.
The implementation sits alongside the existing libqasan (although that could be withdrawn in future if we are happy with it). It is selected ...
March 10, 2025 at 4:29 PM
I will talk about macOS kernel fuzzing at the zer0con.org#schedule-sec... conference.
Zer0Con
Zer0Con is POC’s NEW ‘CLOSED’ international security conference. It focuses on finding, analyzing, and exploiting vulnerabilities. Zer0Con aims to have high-level technical presentations.
March 10, 2025 at 6:27 PM
I usually dig into a topic I research by googling and reading blogs, manuals, sources,… and have not read a technical book for a year.
What would you recommend for low level software/CPU/OS security/exploit topics?
January 8, 2025 at 6:17 PM
Reposted by Meysam
All videos from The 38th Chaos Communication Congress (38C3) 2024:
media.ccc.de/b/congress/2...
#cybersecurity #informationsecurity #hacking #exploitation #iOS #android #apple #exploitation #reverseengineering #vulnerability
December 31, 2024 at 5:42 PM
Doing Apple Silicon security research for days non-stop. Hope it becomes a blog post at some point.
December 29, 2024 at 8:15 PM
Reposted by Meysam
Steve Glass talked about potential vulnerabilities in the TLV parser of AWDL in June 2019,
and some months later Ian Beer reported that famous vulnerability in exactly the TLV parser of AWDL.
Conferences are sources of ideas.
May 25, 2023 at 8:34 AM
Where do you read papers? I have a Kindle and it’s the best option.
December 28, 2024 at 9:47 AM
I have read and watched a lot of papers and presentations this week about
Compiler 🤝 OS 🤝 SoC
security.
www.youtube.com/watch?v=bytW...
www.youtube.com/watch?v=C1nZ...
These two are about PAC
2024 LLVM Dev Mtg - Adding Pointer Authentication ABI support for your ELF platform
December 6, 2024 at 10:36 AM
Pishi2 needed more compiler/LLVM knowledge.
This is a very good reference.
llsoftsec.github.io/llsoftsecbook/
Low-Level Software Security for Compiler Developers
December 5, 2024 at 12:21 PM
Have written a new macOS binary-level fuzzing blog post.
Second part of
r00tkitsmm.github.io/fuzzing/2024...
Don’t know when to publish it.
Pishi: Coverage guided macOS KEXT fuzzing.
This blog post is the result of some weekend research, where I delved into Pishi, a static macOS kernel binary rewriting tool, which I presented at POC2024. During the weekdays, I focus on Linux kerne...
December 3, 2024 at 10:36 PM
Took 3 weeks off, bought a new MacBook. It’s time to fuzz the kernel.
November 29, 2024 at 9:33 PM
I’m bad at telling jokes. In my POC2024 (Seoul) talk about kernel fuzzing I joked that KAFL is the Korean Wave of AFL. And nobody laughed.
November 20, 2024 at 9:09 AM