Security, Computing, Engineering

2 of 1; half a nybble of another

Section 01

poc

4 entries

16 February 2019

Ryzenfallen - Exploitation of Ryzenfall for arbitrary read primitive via AMD PSP

21 January 2019

VirtualAllocSecure - AMD Secure Memory Encryption on Windows by hacking PTEs

07 January 2019

wsIPC - Covert channel for Windows abusing Working Set side-channel

andhook - Android Hooking Framework

Section 02

tools

3 entries

10 February 2026

Praxis - Semantic command & control framework for AI agents

08 November 2019

AMD firmware flash dumping tool

divination - platform, iospace and physmem inspection framework

Section 03

talks/articles/publications

16 entries

Semantically Packaged Tradecraft: Credential Dumping

25 January 2026

Semantic Protocol Confusion: When My LLM Thinks It's a Web Browser

17 December 2023

BSOD colour change trickPaged Out! #3

11 January 2021

Linux code injection paint-by-numbers

27 December 2019

An Arbitrary Read Exploit for RyzenfallPoC||GTFO 20:05

Understanding modern UEFI-based platform boot

21 September 2018

Admiring the Zircon: Understanding Minimal Process Creation

Introducing Windows Defender System Guard runtime attestation

PLATINUM continues to evolve, find ways to maintain invisibility

Remote Code Execution in Xiaomi MIUI Analytics

Side-channel AttacksBen Gurion University

08 December 2015

What's in an Address: Understanding DDR Memory Mapping

Attacking the Linux PRNG on Android: Weaknesses in Seeding of Entropic PoolsWOOT '14

Remote Exploitation of the Cordova FrameworkOWASP IL '14

Intro to Timing Attacks WorkshopOWASP Jerusalem APR'13

Abusing the Linux Dynamic Loader with LD_PRELOADDC9723 JUN'11

Section 04

patents

9 entries

US20210406365A1 - Malicious enterprise behavior detection tool

09 February 2016

US10366213B2 - Protecting an application via an intra-application firewall

24 September 2014

US10419419B2 - Technologies for sensor action verification

24 February 2014

US9296338B2 - Vehicle mirror adjustment

17 January 2014

US20150203039A1 - Automatic rear-view mirror adjustments

23 December 2013

US9965040B2 - Method for using magnetometer together w/ gesture to send content to wireless display

20 December 2013

US20160292009A1 - Execution offloading through syscall trap interface

16 December 2013

US9466296B2 - Initiation of action upon recognition of a partial voice command

27 December 2012

US20140187148A1 - Near field communication method and apparatus using sensor context

ABOUT ME

David Kaplan

Passionate about technology with a special interest in security research, AI, systems architecture, and low-level engineering. I currently work as AI Security Research Lead at Origin (a "security for AI" startup), and have previously worked at Microsoft, IBM X-Force, Intel, and NDS.