@depletionmode - 2 of 1; half a nybble of another

2 of 1; half a nybble of another

security, computing, engineering

@depletionmode

poc

2019.02.16 Ryzenfallen - Exploitation of Ryzenfall for arbitrary read primitive via AMD PSP

2019.01.21 VirtualAllocSecure - AMD Secure Memory Encryption on Windows by hacking PTEs

2019.01.07 wsIPC - Covert channel for Windows abusing Working Set side-channel

tools

2019.11.08 AMD firmware flash dumping tool

2019.07.17 divination - Windows iospace and physmem inspection

instructional

2019.08.14 Understanding modern UEFI-based platform boot

2018.09.21 Admiring the Zircon Part 1: Understanding Minimal Process Creation

2015.12.08 What's in an Address: Understanding DDR Memory Mapping

talks/articles/publications

2018.04.19 Introducing Windows Defender System Guard runtime attestation

2016.07.07 Remote Code Execution in Xiaomi MIUI Analytics (meh)

2014.08.19 Attacking the Linux PRNG on Android: Weaknesses in Seeding of Entropic Pools (WOOT '14)

2014.08.05 Remote Exploitation of the Cordova Framework (OWASP IL '14)

2013.04.00 Intro to Timing Attacks Workshop (OWASP Jerusalem APR'13)

2011.06.03 Abusing the Linux Dynamic Loader with LD_PRELOAD (DC9723 JUN'11)

builds/projects/stuff

2018.09.05 Kaplan se Biltong box build

2015.11.02 CUPC/8: Goodbye ROM, Hello ROM

2015.03.12 CUPC/8: sim.py -> sim.nim

2015.01.17 CUPC/8: Display simulation and Kernel character generation

2014.12.24 CVE-2014-350{0,1,2}: Vulnerabilities in Cordova for Android

2014.12.23 CUPC/8: Testing the memory board - MCU

2014.11.14 CUPC/8: Testing the memory board - RAM

2014.10.14 CUPC/8: Memory board mk 2

2014.06.12 CUPC/8: Memory board

2014.06.09 CUPC/8: The start of it all

tips/snippets

2014.04.24 Piping a remote tcpdump into a local Wireshark session

2012.01.29 ARM long branch

patents

(some of them appreciatively useless)

2016.10.11 US9466296B2 - Initiation of action upon recognition of a partial voice command

2016.03.29 US9296338B2 - Vehicle mirror adjustment

2016.02.09 US20170228524A1 - Protecting an application via an intra-application firewall

2014.09.24 US20160087976A1 - Technologies for sensor action verification

2014.01.17 US20150203039A1 - Automatic rear-view mirror adjustments

2013.12.23 US9965040B2 - Method for using magnetometer together w/ gesture to send content to wireless display

2013.12.20 US20160292009A1 - Execution offloading through syscall trap interface

2012.12.27 US20140187148A1 - Near field communication method and apparatus using sensor context