Come learn how to hack the XNU kernel, like a pro 🍎 with beautiful diagrams to guide every step. :) 📅 Nov 10-12 (3 days) 📍 Four Seasons Hotel Seoul, South Korea 🔗 More info powerofcommunity.net/#training

Here is the source code of my fuzzer ai development for macOS. github.com/R00tkitSMM/P...

Oh, We have a long weekend ahead in Germany/Berlin. Maybe I can finish my unpublished blog posts. Share blogs or papers that I can read and enjoy.

My new blog post, which I presented at #Zer0Con2025 A binary level macOS KEXT kernel address sanitizer r00tkitsmm.github.io/fuzzing/2025...

Will be in Korea next week for Zer0Con. Ping me and let’s chat about software security.

Paged Out! #6 has arrived! And it's jam-packed with content! You can download it here: pagedout.institute?page=issues....

Happy to share my slides from BOOTSTRAP25. Unfortunately the bug discussed is still not patched in Linux 6.14.0 despite it being reported explicitly. Slides are in markdown but there's a PDF in "releases" too github.com/jduck/bs25-s...

[RSS] The Evolution of Dirty COW (1) u1f383.github.io -> Original->

Neat, #riscv emu with #LibAFL support github.com/fkie-cad/squid

Did you know that pressing CTRL+D in linux terminal is like pressing ENTER? (to some extent, of course) Well, I didn't, so after randomly investigating what CTRL+D actually does, I've decided it's a fun topic to write about: hackarcana.com/article/ctrl...

This is so cool: The LibAFL_QEMU ASan implementation was ported to rust github.com/AFLplusplus/... #LibAFL #QEMU #ASan #Rust

I will talk about macOS Kernel fuzzing at the zer0con.org#schedule-sec... conference.

I usually dig into a topic I research by googling and reading blogs, manuals, sources,… and have not read a technical book for a year. What would you recommend for low level software/CPU/OS security/exploit topics?

All videos from The 38th Chaos Communication Congress (38C3) 2024: media.ccc.de/b/congress/2... #cybersecurity #informationsecurity #hacking #exploitation #iOS #android #apple #exploitation #reverseengineering #vulnerability

Doing Apple Silicon’s security research for days non stop. Hope it becomes a blogpost at some point.

Steve Glass, talks about potential vulnerabilities in TLV parser of AWDL in jun 2019, And some months later ian beer reported that famous vulnerability in exactly TLV parser of AWDL. Conferences are sources of ideas.

Where do you read papers? I have kindle and it’s the best option.

I’m in Hamburg, but wouldn’t attend #38c3 due to ticket issue :)

Re-sharing to keep bluesky rolling go.bsky.app/EhGFSVj

I have read and watched a lot of papers and presentations this week about Compiler 🤝 OS 🤝SoC security. www.youtube.com/watch?v=bytW... www.youtube.com/watch?v=C1nZ... These two are about PAC

Pishi2 needed more compiler/LLVM Knowledge. This is very good reference. llsoftsec.github.io/llsoftsecbook/

Have written new macOS binary level fuzzing blog post. Second part of r00tkitsmm.github.io/fuzzing/2024... Don’t know when to publish it

Took 3 weeks off, bought a new MacBook. It’s to to fuzz the kernel.

I’m bad with telling jokes, In my POC2024(Seoul) talk about kernel fuzzing I joked that KAFL is Korean Wave of AFL. And nobody laughed.

Slides for my @ekoparty talk "Advanced Fuzzing With LibAFL" - > docs.google.com/presentation...

Got back home after POC conference, now I have lots of fuzzing paper to read. 🥳

Custom Linux kernel fuzzing with libFuzzer by @r00tkitsmm.bsky.social r00tkitsmm.github.io/fuzzing/2024...

Can’t wait to get back to Berlin to work on my second part of my blog post about macOS kernel fuzzing.

Whoa: NSO Group allegedly rolled a #WhatsApp exploit to implant #Pegasus spyware even after WhatsApp sued them. This previously-unrevealed "Erised" vector was later disabled by WhatsApp. These un-redacted filings are quite the read. Even some footnotes have scoops. 1/

This awesome fuzzing blog post by @r00tkitsmm.bsky.social covers a super reliable macOS kernel binary rewriting to instrument any KEXT or XNU at BB or edge level. Mandatory reading for anyone interested in fuzzing whether you use MacOS or not. So many good system internals and fuzzing references!

https://googleprojectzero.blogspot.com/2023/08/mte-as-implemented-part-1.html?m=1 A 3 parts blogpost from Google Project Zero after a long time.

Steve Glass, talks about potential vulnerabilities in TLV parser of AWDL in jun 2019, And some months later ian beer reported that famous vulnerability in exactly TLV parser of AWDL. Conferences are sources of ideas.

got 3 CVEs in recent Apple's Update CVE-2023-32384 CVE-2023-32372 CVE-2023-27929( last month i didn’t know :) ) https://support.apple.com/en-gb/HT213757

Hey @mdowd.bsky.social could you kindly let me know if you have any tickets to offensiveCon?

Introducing a new way to buzz for eBPF vulnerabilities https://security.googleblog.com/2023/05/introducing-new-way-to-buzz-for-ebpf.html

Lightweight fuzzing of a memory snapshot using KVM https://github.com/awslabs/snapchange

Two dead in shooting at Mercedes-Benz plant in Germany https://amp.cnn.com/cnn/2023/05/11/business/mercedes-benz-shooting-germany/index.html