0xor0ne
@0xor0ne.bsky.social
| CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | Only My Opinions :) |
Interesting short blog post on how electronic passports cryptography works
blog.trailofbits.com/2025/10/31/t...
Credits Joop van de Pol
#infosec #embedded
blog.trailofbits.com/2025/10/31/t...
Credits Joop van de Pol
#infosec #embedded
November 9, 2025 at 10:44 AM
Interesting short blog post on how electronic passports cryptography works
blog.trailofbits.com/2025/10/31/t...
Credits Joop van de Pol
#infosec #embedded
blog.trailofbits.com/2025/10/31/t...
Credits Joop van de Pol
#infosec #embedded
Analysis and exploitation of a Use-After-Free vulnerability in the Linux network packet schedule (CVE-2025-38001)
syst3mfailure.io/rbtree-famil...
#infosec #Linux
syst3mfailure.io/rbtree-famil...
#infosec #Linux
November 8, 2025 at 11:55 AM
Analysis and exploitation of a Use-After-Free vulnerability in the Linux network packet schedule (CVE-2025-38001)
syst3mfailure.io/rbtree-famil...
#infosec #Linux
syst3mfailure.io/rbtree-famil...
#infosec #Linux
November 6, 2025 at 3:19 PM
Apple SEAR is hiring offensive security researchers!
We’re looking for talented researchers across multiple areas of security.
Check out the job description here:
jobs.apple.com/en-us/detail...
Feel free to reach out if you have any questions.
#infosec
We’re looking for talented researchers across multiple areas of security.
Check out the job description here:
jobs.apple.com/en-us/detail...
Feel free to reach out if you have any questions.
#infosec
Offensive Security - Researcher - Jobs - Careers at Apple
Apply for a Offensive Security - Researcher job at Apple. Read about the role and find out if it’s right for you.
jobs.apple.com
October 24, 2025 at 9:44 AM
Apple SEAR is hiring offensive security researchers!
We’re looking for talented researchers across multiple areas of security.
Check out the job description here:
jobs.apple.com/en-us/detail...
Feel free to reach out if you have any questions.
#infosec
We’re looking for talented researchers across multiple areas of security.
Check out the job description here:
jobs.apple.com/en-us/detail...
Feel free to reach out if you have any questions.
#infosec
Great deep-dive on AMD Zen microcode hacking and a signature-validation flaw
bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking
#infosec
bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking
#infosec
October 20, 2025 at 3:13 PM
Great deep-dive on AMD Zen microcode hacking and a signature-validation flaw
bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking
#infosec
bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking
#infosec
Collection of blog posts, write-ups, papers and tools related to cybersecurity, reverse engineering and exploitation
github.com/0xor0ne/awes...
#cybersecurity #infosec
github.com/0xor0ne/awes...
#cybersecurity #infosec
GitHub - 0xor0ne/awesome-list: Cybersecurity oriented awesome list
Cybersecurity oriented awesome list. Contribute to 0xor0ne/awesome-list development by creating an account on GitHub.
github.com
October 19, 2025 at 11:36 AM
Collection of blog posts, write-ups, papers and tools related to cybersecurity, reverse engineering and exploitation
github.com/0xor0ne/awes...
#cybersecurity #infosec
github.com/0xor0ne/awes...
#cybersecurity #infosec
Presentations about getting started with Linux kernel exploitation
"Linux Kernel Exploitation for Beginners" by Kevin Massey:
rvasec.com/slides/2025/...
"Control Flow Hijacking in the Linux Kernel" by Valeriy Yashnikov
pt-phdays.storage.yandexcloud.net/Yashnikov_Va...
#Linux #infosec
"Linux Kernel Exploitation for Beginners" by Kevin Massey:
rvasec.com/slides/2025/...
"Control Flow Hijacking in the Linux Kernel" by Valeriy Yashnikov
pt-phdays.storage.yandexcloud.net/Yashnikov_Va...
#Linux #infosec
October 19, 2025 at 11:34 AM
Presentations about getting started with Linux kernel exploitation
"Linux Kernel Exploitation for Beginners" by Kevin Massey:
rvasec.com/slides/2025/...
"Control Flow Hijacking in the Linux Kernel" by Valeriy Yashnikov
pt-phdays.storage.yandexcloud.net/Yashnikov_Va...
#Linux #infosec
"Linux Kernel Exploitation for Beginners" by Kevin Massey:
rvasec.com/slides/2025/...
"Control Flow Hijacking in the Linux Kernel" by Valeriy Yashnikov
pt-phdays.storage.yandexcloud.net/Yashnikov_Va...
#Linux #infosec
Synology TC500 smart camera: Remote code execution (RCE) vulnerability
blog.infosectcbr.com.au/2025/08/01/e...
#infosec #embedded
blog.infosectcbr.com.au/2025/08/01/e...
#infosec #embedded
October 17, 2025 at 7:20 PM
Synology TC500 smart camera: Remote code execution (RCE) vulnerability
blog.infosectcbr.com.au/2025/08/01/e...
#infosec #embedded
blog.infosectcbr.com.au/2025/08/01/e...
#infosec #embedded
Excellent blog post on bypassing Ubuntu’s Unprivileged Namespace Restriction
u1f383.github.io/linux/2025/0...
#infosec
u1f383.github.io/linux/2025/0...
#infosec
October 14, 2025 at 5:55 PM
Excellent blog post on bypassing Ubuntu’s Unprivileged Namespace Restriction
u1f383.github.io/linux/2025/0...
#infosec
u1f383.github.io/linux/2025/0...
#infosec
Fault injection for secure boot bypass and secret extraction targeting RP2350
www.usenix.org/system/files...
#infosec
www.usenix.org/system/files...
#infosec
October 12, 2025 at 11:59 AM
Fault injection for secure boot bypass and secret extraction targeting RP2350
www.usenix.org/system/files...
#infosec
www.usenix.org/system/files...
#infosec
3-parts series on vulnerability research and exploitation of the SMB3 Linux Kernel Server (ksmbd)
Part 1: blog.doyensec.com/2025/01/07/k...
Part 2: blog.doyensec.com/2025/09/02/k...
Part 3: blog.doyensec.com/2025/10/08/k...
#infosec
Part 1: blog.doyensec.com/2025/01/07/k...
Part 2: blog.doyensec.com/2025/09/02/k...
Part 3: blog.doyensec.com/2025/10/08/k...
#infosec
October 8, 2025 at 8:20 PM
3-parts series on vulnerability research and exploitation of the SMB3 Linux Kernel Server (ksmbd)
Part 1: blog.doyensec.com/2025/01/07/k...
Part 2: blog.doyensec.com/2025/09/02/k...
Part 3: blog.doyensec.com/2025/10/08/k...
#infosec
Part 1: blog.doyensec.com/2025/01/07/k...
Part 2: blog.doyensec.com/2025/09/02/k...
Part 3: blog.doyensec.com/2025/10/08/k...
#infosec
Exploiting a libANGLE offset integer underflow read the Chrome WebGPU heap
qriousec.github.io/post/oob-angle
#infosec
qriousec.github.io/post/oob-angle
#infosec
October 5, 2025 at 11:25 AM
Exploiting a libANGLE offset integer underflow read the Chrome WebGPU heap
qriousec.github.io/post/oob-angle
#infosec
qriousec.github.io/post/oob-angle
#infosec
Worldline Yomani XR payment terminal reverse-engineering and security analysis
stefan-gloor.ch/yomani-hack
#embedded #infosec
stefan-gloor.ch/yomani-hack
#embedded #infosec
October 4, 2025 at 10:51 AM
Worldline Yomani XR payment terminal reverse-engineering and security analysis
stefan-gloor.ch/yomani-hack
#embedded #infosec
stefan-gloor.ch/yomani-hack
#embedded #infosec
Exploiting vulnerabilities in Supermicro BMC (CVE-2025-7937 and CVE-2025-6198)
www.binarly.io/blog/broken-...
Credits Anton Ivanov
#infosec
www.binarly.io/blog/broken-...
Credits Anton Ivanov
#infosec
October 3, 2025 at 11:18 AM
Exploiting vulnerabilities in Supermicro BMC (CVE-2025-7937 and CVE-2025-6198)
www.binarly.io/blog/broken-...
Credits Anton Ivanov
#infosec
www.binarly.io/blog/broken-...
Credits Anton Ivanov
#infosec
Analysis of GrapheneOS hardened malloc libc allocator
www.synacktiv.com/en/publicati...
Credits Nicolas Stefanski
#infosec
www.synacktiv.com/en/publicati...
Credits Nicolas Stefanski
#infosec
September 24, 2025 at 8:28 PM
Analysis of GrapheneOS hardened malloc libc allocator
www.synacktiv.com/en/publicati...
Credits Nicolas Stefanski
#infosec
www.synacktiv.com/en/publicati...
Credits Nicolas Stefanski
#infosec
Flipping the R/W bit in the page table entry of a mapped file to gain write access
ptr-yudai.hatenablog.com/entry/2025/0...
#Linux #infosec
ptr-yudai.hatenablog.com/entry/2025/0...
#Linux #infosec
September 17, 2025 at 6:01 PM
Flipping the R/W bit in the page table entry of a mapped file to gain write access
ptr-yudai.hatenablog.com/entry/2025/0...
#Linux #infosec
ptr-yudai.hatenablog.com/entry/2025/0...
#Linux #infosec
Exploiting CVE-2024-50264, a Linux kernel UAF vulnerability due to a race condition in AF_VSOC sockets
a13xp0p0v.github.io/2025/09/02/k...
#infosec #Linux
a13xp0p0v.github.io/2025/09/02/k...
#infosec #Linux
September 14, 2025 at 11:22 AM
Exploiting CVE-2024-50264, a Linux kernel UAF vulnerability due to a race condition in AF_VSOC sockets
a13xp0p0v.github.io/2025/09/02/k...
#infosec #Linux
a13xp0p0v.github.io/2025/09/02/k...
#infosec #Linux
September 12, 2025 at 7:12 PM
Practical guide to fuzzing the Binder kernel driver using the Linux Kernel Library (LKL)
androidoffsec.withgoogle.com/posts/binder...
Credits Eugene Rodionov, Gulshan Singh and Zi Fan Tan
#infosec #android
androidoffsec.withgoogle.com/posts/binder...
Credits Eugene Rodionov, Gulshan Singh and Zi Fan Tan
#infosec #android
September 6, 2025 at 1:02 PM
Practical guide to fuzzing the Binder kernel driver using the Linux Kernel Library (LKL)
androidoffsec.withgoogle.com/posts/binder...
Credits Eugene Rodionov, Gulshan Singh and Zi Fan Tan
#infosec #android
androidoffsec.withgoogle.com/posts/binder...
Credits Eugene Rodionov, Gulshan Singh and Zi Fan Tan
#infosec #android
Reverse engineering and decryption of Synology encrypted archives
www.synacktiv.com/en/publicati...
Credits Théo Fauché
#infosec
www.synacktiv.com/en/publicati...
Credits Théo Fauché
#infosec
August 30, 2025 at 10:40 AM
Reverse engineering and decryption of Synology encrypted archives
www.synacktiv.com/en/publicati...
Credits Théo Fauché
#infosec
www.synacktiv.com/en/publicati...
Credits Théo Fauché
#infosec