poc
- 2019.02.16 Ryzenfallen - Exploitation of Ryzenfall for arbitrary read primitive via AMD PSP
- 2019.01.21 VirtualAllocSecure - AMD Secure Memory Encryption on Windows by hacking PTEs
- 2019.01.07 wsIPC - Covert channel for Windows abusing Working Set side-channel
- 2013.05.02 andhook - Android Hooking Framework
tools
talks/articles/publications
- 2023.12.17 BSOD colour change trick (Paged Out! #3)
- 2019.12.27 An Arbitrary Read Exploit for Ryzenfall (PoC||GTFO 20:05)
- 2018.04.19 Introducing Windows Defender System Guard runtime attestation
- 2017.06.07 PLATINUM continues to evolve, find ways to maintain invisibility
- 2016.07.07 Remote Code Execution in Xiaomi MIUI Analytics (meh)
- 2016.05.23 Side-channel Attacks (Ben Gurion University)
- 2014.08.19 Attacking the Linux PRNG on Android: Weaknesses in Seeding of Entropic Pools (WOOT '14)
- 2014.08.05 Remote Exploitation of the Cordova Framework (OWASP IL '14)
- 2013.04.01 Intro to Timing Attacks Workshop (OWASP Jerusalem APR'13)
- 2011.06.03 Abusing the Linux Dynamic Loader with LD_PRELOAD (DC9723 JUN'11)
instructional
patents
- 2020.06.30 US20210406365A1 - Malicious enterprise behavior detection tool
- 2016.02.09 US10366213B2 - Protecting an application via an intra-application firewall
- 2014.09.24 US10419419B2 - Technologies for sensor action verification
- 2014.02.24 US9296338B2 - Vehicle mirror adjustment
- 2014.01.17 US20150203039A1 - Automatic rear-view mirror adjustments
- 2013.12.23 US9965040B2 - Method for using magnetometer together w/ gesture to send content to wireless display
- 2013.12.20 US20160292009A1 - Execution offloading through syscall trap interface
- 2013.12.16 US9466296B2 - Initiation of action upon recognition of a partial voice command
- 2012.12.27 US20140187148A1 - Near field communication method and apparatus using sensor context