In InfoSec Write-ups, by WaterBucket: Understanding IOCTLs for Windows Vulnerability Research & Exploit Development. Following up on my previous post about the role of RFCs in vulnerability research, I thought it would be nice to explore IOCTLs, a crucial… 20h ago
In Theori BLOG, by Theori Vulnerability Research: Chaining N-days to Compromise All: Part 6 — Windows Kernel LPE: Get SYSTEM. This blog post is the last series about the vulnerabilities used in our 1-day full chain exploit we demonstrated on X. In this blog post… May 221
Florian Walter: Found a Vulnerability? 3 Easy Steps to Submitting a CVE! In my recent post, I talked about the methodology that I used to find most of my 25 CVEs (you can find this article here… Feb 263
Ekene Joseph Onyeagusi: Vulnerability Exploitation with Metasploit Framework on Kali Linux. As an experienced penetration tester, leveraging the power of the Metasploit Framework on Kali Linux is a cornerstone of effective… 2d ago
In Theori BLOG, by Theori Vulnerability Research: Chaining N-days to Compromise All: Part 4 — VMware Workstation Information leakage. We will present how we get the critical information in VMware process running on the host from the guest. (CVE-2023-34044) Apr 181
pedbap: Telegram Web app XSS/Session Hijacking 1-click. This is the technical write up of a severe vulnerability I reported to Telegram’s Bug Bounty program on March 9th, 2024. Telegram fixed… Apr 28
In Theori BLOG, by Theori Vulnerability Research: Chaining N-days to Compromise All: Part 2 — Windows Kernel LPE (a.k.a Chrome Sandbox Escape). We will present how we escaped the Chrome sandbox by exploiting a Windows kernel vulnerability. The vulnerability is CVE-2023-21674. Apr 1