Dear all, We are thrilled to announce that bfslabs is joining Binary Gecko ! The two labs will operate under the Geco brand, continuing our tradition of cutting-edge research and community contributions.

#BHUSA The topic, "Super Hat Trick: Exploit Chrome and Firefox Four Times", between me and Zhenghang has come to an end. Thank all the audiences on the spot for participating in our topic sharing. The white paper and PPT are now available to the public. blackhat.com/us-24/briefing…

Check out our latest blog post “Sky’s the Limit – Quick Analysis and Exploitation of a Chrome ipcz TOCTOU Vulnerability” binarygecko.com/skys-the-limit…

Check out our latest post about a vulnerability we disclosed to the Kernel Security Team - “Race conditions in Linux Kernel perf events” binarygecko.com/race-condition…

Here are the slides for my lightning talk at Hexacon docs.google.com/presentation/d… Was tons of fun. Not sure if it was recorded. If you are interested in exploiting. Net check out github.com/SereSharp/NetP… and ysoserial.net

[POC2024] SPEAKER UPDATE 1⃣5⃣ 👥 binerdd & kaanezder - "Fake it till you make it: Bypassing V8 Sandbox by constructing a fake Isolate" #POC2024

Congrats to my Binary Gecko team mates binerdd and kaanezder for their accepted talk! :). See you at #POC2024.

Save the date. #Offensivecon25

Mark your calendars!! Our highly anticipated Off-By-One Conference is returning on the 📆 𝟖𝐭𝐡 𝐚𝐧𝐝 𝟗𝐭𝐡 𝐌𝐚𝐲 𝟐𝟎𝟐𝟓! Stay tuned for more updates on the CFP and venue! 🙌 #OBO2025 #SaveTheDate #OffensiveSecurity #SecurityConference #Singapore

Ekoparty 2024 Binary Gecko Challenge 🇦🇷 Complete the challenge to get a ticket to our VIP dinner/party event in Buenos Aires during the conference. Winners will also get an interview for a Security Researcher position at Binary Gecko. github.com/Binary-Gecko/e…

#POC2024 Jaewon Min & Kaan Ezder(binerdd, kaanezder) Fake it till you make it: Bypassing V8 Sandbox by constructing a fake Isolate 🏎

It’s been a busy month for our Gecko teams around the world… 🌍 Last month, we were in Paris for Hexacon. This week we are in Seoul for POC. Next week we are in Argentina for Ekoparty! If you want to join an elite global VR team, you know what to do.

Jaewon Min(binerdd ) & Kaan Ezder(kaanezder) Fake it till you make it: Bypassing V8 Sandbox by constructing a fake Isolate powerofcommunity.net/poc2024/Jaewon…

[#Zer0Con2025] - Announcements 'Challenge the norms, break boundaries' Zer0Con2025 CFP / CFT is officially opened 📅Date: 10~11th April 2025 🏩 Venue: Fairmont Ambassdor Seoul, South Korea 🎟️Entry badge: 100 available 🌖 CFT status: Partially open due to limited space 🌕CFP

Imagine opening a Discord message and suddenly your computer is hacked. We discovered a bug that made this possible and earned a $5,000 bounty for it. Here's the story and a beginner-friendly deep dive into V8 exploit development. Watch: youtube.com/watch?v=R3SE4V…

#Offensivecon25 Let’s go!

I just released our kernelCTF VSock 0-day write-up with qwerty . (exp196/exp197, CVE-2024-50264) github.com/google/securit… We made history by being the first to exploit VSock in kernelCTF, expanding its known attack vectors. 🥳 It’s a pretty *simple* race condition, right?

…

Amazing... He is a real hacker. cylab.cmu.edu/news/2025/01/0…

[+] Exploit writing academy ready in Argentina: academy.binarygecko.com