unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
Posted by the Big Sleep team Introduction In our previous post, Project Naptime: Evaluating Off...
2024-11-1 23:12:0 | 阅读: 1 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
icol
sqlite3
rowid
assertion
The Windows Registry Adventure #4: Hives and the registry layout
Posted by Mateusz Jurczyk, Google Project Zero To a normal user or even a Win32 application de...
2024-10-26 01:30:0 | 阅读: 6 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
hives
windows
machine
security
loaded
Effective Fuzzing: A Dav1d Case Study
Guest post by Nick Galloway, Senior Security Engineer, 20% time on Project ZeroLate in 2023, whil...
2024-10-4 01:1:0 | 阅读: 5 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
dav1d
sf
fuzzer
tile
memory
The Windows Registry Adventure #3: Learning resources
Posted by Mateusz Jurczyk, Google Project Zero When tackling a ne...
2024-6-28 00:51:0 | 阅读: 7 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
windows
microsoft
security
dbgprintex
kcb
Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models
Posted by Sergei Glazunov and Mark Brand, Google Project Zero IntroductionAt Project Zero, we co...
2024-6-21 01:0:0 | 阅读: 14 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
overflow
xbe
naptime
buffer2
llms
Driving forward in Android drivers
Posted by Seth Jenkins, Google Project ZeroIntroduction Android's open-source ecosystem has led...
2024-6-14 02:3:0 | 阅读: 11 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
dma
ge
dmabuf
drv
hwid
The Windows Registry Adventure #2: A brief history of the feature
Posted by Mateusz Jurczyk, Google Project Zero Before diving into the low-level security aspec...
2024-4-19 00:46:0 | 阅读: 3 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
windows
regedit
regf
security
hives
The Windows Registry Adventure #1: Introduction and research results
Posted by Mateusz Jurczyk, Google Project Zero In the 20-month period between May 2022 and Dec...
2024-4-19 00:45:0 | 阅读: 7 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
windows
memory
security
corruption
hives
First handset with MTE on the market
By Mark Brand, Google Project ZeroIntroduction It's finally time for me to fulfill a long-standi...
2023-11-4 01:4:0 | 阅读: 13 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
mte
memtag
chrome
shiba
scudo
An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit
By Ian Beer A graph representation of the sandbox escape NSExpression payload In April this y...
2023-10-13 18:47:0 | 阅读: 22 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
unmap
remote
objc
Analyzing a Modern In-the-wild Android Exploit
By Seth Jenkins, Project ZeroIntroductionIn December 2022, Google’s Threat Analysis Group (TAG) dis...
2023-9-20 00:1:0 | 阅读: 16 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
snd
ctl
ashmem
elem
attacker
MTE As Implemented, Part 3: The Kernel
By Mark Brand, Project ZeroBackground In 2018, in the v8.5a version of the ARM architecture, ARM...
2023-8-3 00:30:0 | 阅读: 20 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
mte
memory
attacker
tagging
hardware
MTE As Implemented, Part 2: Mitigation Case Studies
By Mark Brand, Project ZeroBackground In 2018, in the v8.5a version of the ARM architecture, ARM...
2023-8-3 00:30:0 | 阅读: 10 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
bypass
mte
bypasses
attacker
memory
MTE As Implemented, Part 1: Implementation Testing
By Mark Brand, Project ZeroBackground In 2018, in the v8.5a version of the ARM architecture, ARM...
2023-8-3 00:30:0 | 阅读: 13 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
mte
bypass
memory
software
speculative
Summary: MTE As Implemented
By Mark Brand, Project ZeroIn mid-2022, Project Zero was provided with access to pre-production h...
2023-8-3 00:30:0 | 阅读: 10 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
mte
memory
corruption
security
approaches
Release of a Technical Report into Intel Trust Domain Extensions
Today, members of Google Project Zero and Google Cloud are releasing a report on a security revie...
2023-4-25 00:27:0 | 阅读: 10 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
tdx
security
cloud
4th
Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems
Posted by Tim Willis, Project Zero Note: Until security updates are available, users who wish...
2023-3-17 02:7:0 | 阅读: 20 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
baseband
exynos
remote
samsung
Exploiting null-dereferences in the Linux kernel
Posted by Seth Jenkins, Project Zero For a fair amount of time, null-deref bugs were a highly...
2023-1-20 01:33:0 | 阅读: 23 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
refcount
oops
memory
vma
mmput
DER Entitlements: The (Brief) Return of the Psychic Paper
Posted by Ivan Fratric, Project Zero Note: The vulnerability discussed here, CVE-2022-42855, w...
2023-1-13 00:59:0 | 阅读: 16 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
entitlement
collision
utf8string
Exploiting CVE-2022-42703 - Bringing back the stack attack
Seth Jenkins, Project ZeroThis blog post details an exploit for CVE-2022-42703 (P0 issue 2351 - Fix...
2022-12-9 03:4:0 | 阅读: 54 |
收藏
|
Project Zero - googleprojectzero.blogspot.com
anon
vma
kaslr
folio
attacker
Previous
-9
-8
-7
-6
-5
-4
-3
-2
Next