Really interesting to learn about this chain, where 2 bugs out of 3 were not related to memory corruption.

I found a vulnerability that allowed me to unlock any Google Pixel phone without knowing the passcode. This may be my most impactful bug so far. Google fixed the issue in the November 5, 2022 security patch. Update your devices! bugs.xdavidhu.me/google/2022/11…

Mind the gap: googleprojectzero.blogspot.com/2022/11/mind-t… Part of project zero's remit is to drive structural improvements across the ecosystem.

🚀We just released a new version of QBDI, Quarkslab's Dynamic Binary Instrumentation Framework with full support for AARCH64 and ARM32/Thumb architectures. You can check it out here: qbdi.quarkslab.com Or get the code and pre-built packages from here: github.com/QBDI/QBDI/rele…

Join me on my journey of finding 2 critical vulnerabilities in the months after the Pixel 6 was launched 😁 I’m very excited to be part of such amazing lineup again!

Spice up your binary program analysis with TritonDSE ! A blog post by Christian Heitman and Robin David introducing our framework for Dynamic Symbolic Execution in Python #symexec #fuzzing #opensource blog.quarkslab.com/introducing-tr…

PASTIS For the Win! Introducing PASTIS, an open source Python framework for ensemble fuzzing. Read about it in this blog post by Robin David and Christian Heitman: blog.quarkslab.com/pastis-for-the… #fuzzing #symexec #vulnresearch #apero

Happy to be at offensivecon, enjoying such an amazing event and fantastic presentations! Come and say hi if you're around :)

x86 looks like garbage - out of context acez

Looking forward to presenting this research here at REcon. Don't miss it if you're interested in the internals of data encryption at rest in Android and how to attack it!

Thanks again to REcon for having us!

It wasn't until I'd *taught* algorithms a few times that I finally understood why sorting is in the CS curriculum. Unfortunately, most curricula don't explain this! It is NOT because sorting is an important algorithm to learn to implement...

Slide-deck of our talk at BH USA 2023 on attacking & securing Pixel modem are available at i.blackhat.com/BH-US-23/Prese… Farzan Karimi, Xuan & Xiling

Enjoy the read and remember to set strong credentials 😉

Up next ⏭️ 🟢Live visuals from📳Dissecting the Modern #Android Data Encryption Scheme by💡Maxime & Damiano sharing insights on the logic behind the generation & storage of the keys for Android's user data encryption + strategies to be adopted as an attacker #hw_ioNL2023

Looking forward to presenting at the best InfoSec conference around!

Attacking the Samsung Galaxy A* Boot Chain by Maxime Rossi Bellom and Damiano Melotti is now live!

Ready to dive deep into the world of cryptographic reverse-engineering? Join Robin David and Dahmun Goudarzi at DOUBLEDOWN24 for an intensive 4-day training session, "Reversing Cryptography in Black Box Binaries," from August 3-6 in Las Vegas! Register today : ringzer0.training/doubledown24-r…