Cybersecurity blog posts, writeups, papers, and tools
| Twitter | https://twitter.com/0xor0ne |
| GitHub | https://github.com/0xor0ne |
Great 3-part series on a 0-click exploit chain targeting Android Pixel 9
Arbitrary code execution in mediacodec -> kernel privilege escalation
Part 1: https://projectzero.google/2026/01/pixel-0-click-part-1.html
Part 2: https://projectzero.google/2026/01/pixel-0-click-part-2.html
Part 3: https://projectzero.google/2026/01/pixel-0-click-part-3.html
Research by Natalie Silvanovich and Seth Jenkins
Apple SEAR is hiring offensive security researchers!
We’re looking for talented researchers across multiple areas of security.
Check out the job description here:
https://jobs.apple.com/en-us/details/200623813-2911/offensive-security-researcher?team=SFTWR
If you’re interested in low level systems like RTOS, firmware, coprocessors, embedded components, or microkernels, my team would especially like to hear from you.
Feel free to reach out if you have any questions.
"Challenges and Pitfalls while Emulating Six Current Icelandic Household Routers"
Evaluation of different tools for router firmware emulation
(FACT, QEMU, EMUX, Qiling, Firmadyne, FAT, FirmAE, Pandawan, and EMBA)
"My Emulation Goes to the Moon... Until False Flag" by Retooling
Exploring the re-implementation of APT41 Scatterbrain's obfuscation
https://retooling.io/blog/my-emulation-goes-to-the-moon-until-false-flag
"Compromise of Fuse Encryption Key for Intel Security Fuses"
Beginner's introduction to Fault Injection (voltage glitching) attacks (ESP32)
https://security.humanativaspa.it/fault-injection-down-the-rabbit-hole/
"CTF" challenge introducing Linux kernel exploitation
Bypass Linux kernel isolation technique using BPF infrastructure