Here’s the collection of the most significant exploits that I’ve published in the past three decades or so. Enjoy! github.com/0xdea/exploits

Pwning basebands is often seen as black magic, but it’s surprisingly easy to start... if you know how 😁 Practical Baseband Exploitation teaches you to reverse engineer basebands, find vulnerabilities, and program BTS to exploit them over-the-air. This year, the course is at

Pwning basebands is often seen as black magic, but it’s surprisingly easy to start... if you know how 😁 Practical Baseband Exploitation teaches you to reverse engineer basebands, find vulnerabilities, and program BTS to exploit them over-the-air. This year, the course is at

Router RCE via the public WLAN interface *which cannot be disabled on your own router without calling the ISP* w/ bonus fault injection via HDD vibrations 🤠 👑King showing by João Domingos and a shit show by MEO r0ny.net/FiberGateway-G…

🚨 Conference tickets will be on sale next Monday (4PM UTC+2)! 🎫 Standard price: 1320€ 🎟 Reduced price: 660€* *Reduced prices are for students and professionals whose company does not cover the ticket. ✨ New this year: a second party has been added on Saturday evening.

This is pretty cool, but like other AI tools, the example is a toy vulnerability in a toy binary, not found in the real world. Gimme hardcore real-life examples and I'll buy it 💵

Nice write-up on hacking a credit card terminal: stefan-gloor.ch/yomani-hack Would have been nice to take it to the next level and looked into that "secure OS" tho 🤠

Ah, libxslt. A library with NO MAINTAINERS used by Chrome, a browser from one of the richest companies on Earth: source.chromium.org/chromium/chrom… And instead of adopting or rewriting it, Google spend $$$$$/day on P0 engineers to find bugs in it. The incentives here are stupidly broken.

Thanks to everyone who responded. We're closing applications for this role from now on. I'm sorry but we had a lot of applications, so I can't get back to everyone who applied!

It's only a felony if you're caught github.com/system-linux/F…

Hexagon Fuzz: Full-System Emulated Fuzzing of Qualcomm Basebands by srlabs srlabs.de/blog-post/hexa…

I wrote a blogpost about Android on-device fuzzing -> Reproducing a million-dollar bug: WhatsApp CVE-2019-11932 (with AFL & Frida) ibm.com/think/x-force/…

Our flagship Hunting Zero-Days in Embedded Devices training returns to Rome, September 23-26! In 4 intensive days, you'll learn to inspect devices, find hidden debug interfaces, extract firmware, analyze it, find a remote vulnerability, and exploit it!

For decades one of the most exploited vulnerabilities has been “misconfigured software.” Whether that was “+ +” in an .rhosts file, or bad access controls on an S3 bucket, or unauthenticated database access on the open web, it is all still hacking.

Increasing numbers of Russian FPVs are being recovered with boards like this for machine learning algorithms allowing terminal autonomy. The Rockchip RK3588s System-on-Chip has six TOPS (Tera Operations per Second), plenty for semi-autonomous targeting and guidance. 1/

NEED YOUR HELP! My Friend/Teacher Soroush (Soroush Dalili) Is looking for a new company to join, you know him as the .NET-God, the guy who has popped exchange, sharepoint, has maintained ysoserial_.net for years, contributed to the exploitation scene numerous times, taught all of you