Archives
- Fri 05 May 2023
- Competing in Pwn2Own ICS 2022 Miami: Exploiting a zero click remote memory corruption in ICONICS Genesis64
- Sat 11 June 2022
- Pwn2Own 2021 Canon ImageCLASS MF644Cdw writeup
- Sat 26 March 2022
- Competing in Pwn2Own 2021 Austin: Icarus at the Zenith
- Thu 15 July 2021
- Building a new snapshot fuzzer & fuzzing IDA
- Thu 15 April 2021
- Reverse-engineering tcpip.sys: mechanics of a packet of the death (CVE-2021-24086)
- Tue 17 November 2020
- Modern attacks on the Chrome browser : optimizations and deoptimizations
- Mon 17 June 2019
- A journey into IonMonkey: root-causing CVE-2019-9810.
- Thu 09 May 2019
- Circumventing Chrome's hardening of typer bugs
- Mon 28 January 2019
- Introduction to TurboFan
- Mon 19 November 2018
- Introduction to SpiderMonkey exploitation.
- Sat 14 July 2018
- CVE-2017-2446 or JSC::JSGlobalObject::isHavingABadTime.
- Thu 17 May 2018
- Breaking ledgerctf's AES white-box challenge
- Sun 11 March 2018
- beVX challenge on the operation table
- Fri 01 December 2017
- Debugger data model, Javascript & x64 exception handling
- Sat 05 August 2017
- Binary rewriting with syzygy, Pt. I
- Wed 21 December 2016
- happy unikernels
- Sun 27 November 2016
- Token capture via an llvm-based analysis pass
- Tue 18 August 2015
- Keygenning with KLEE
- Sun 08 February 2015
- Spotlight on an unprotected AES128 white-box implementation
- Sat 11 October 2014
- Taming a wild nanomite-protected MIPS binary with symbolic execution: No Such Crackme
- Sat 06 September 2014
- Dissection of Quarkslab's 2014 security challenge
- Wed 30 April 2014
- Corrupting the ARM Exception Vector Table
- Thu 17 April 2014
- Deep dive into Python's VM: Story of LOAD_CONST bug
- Tue 11 March 2014
- First dip into the kernel pool : MS10-058
- Sat 12 October 2013
- Having a look at the Windows' User/Kernel exceptions dispatcher
- Mon 16 September 2013
- Breaking Kryptonite's obfuscation: a static analysis approach relying on symbolic execution
- Mon 09 September 2013
- Pinpointing heap-related issues: OllyDbg2 off-by-one story
- Sat 31 August 2013
- Some thoughts about code-coverage measurement with Pin
- Sat 24 August 2013
- Regular expressions obfuscation under the microscope