@gkouv

6 Followers
2 Following
7 Posts
Principal Software Engineer at Arm.
https://llsoftsec.github.io/llsoftsecbook/
Views are my own.
gkouvOct 17
kbeylsOct 14

Big thanks to Tarcisio Fisher for adding a new section on Use-After-Free (UaF) in the Low Level Software Security Book!

Check it out: https://llsoftsec.github.io/llsoftsecbook/#use-after-free-uaf

We’d love your thoughts — comment here or open an issue https://github.com/llsoftsec/llsoftsecbook/issues

Low-Level Software Security for Compiler Developers

gkouvAug 5, 2025
kbeylsAug 5, 2025

We just significantly improved the explanation of control-flow integrity (CFI) in the Low Level Software Security Book, see https://llsoftsec.github.io/llsoftsecbook/#control-flow-integrity-cfi

The new version offers clearer, more detailed explanations to help readers better understand this important security concept.

We’d love to hear your feedback — share your thoughts here or open an issue on github at https://github.com/llsoftsec/llsoftsecbook

#LLSoftSecBook #CFI

Low-Level Software Security for Compiler Developers

gkouvSep 15, 2023
kbeylsSep 15, 2023
I wrote a small, hands-on 'Arm Learning Path' on how to build a very basic exploit starting from a stack buffer overflow on AArch64, see https://learn.arm.com/learning-paths/servers-and-cloud-computing/exploiting-stack-buffer-overflow-aarch64/.
I'd like to hear what you think about it. It aims to help you understand a very basic exploitation technique, without having to know much about very low-level programming.
I'm hoping it will help to better understand other, more advanced, documents explaining exploits that (ab)use memory vulnerabilities, such as https://llsoftsec.github.io/llsoftsecbook/#memory-vulnerability-based-attacks.
Learn how to exploit stack buffer overflows on AArch64

This is an advanced topic for software developers interested in understanding how memory vulnerability-based exploits work on AArch64.

gkouvJul 3, 2023
I just added a section on bounds checking to #LLSoftSecBook, please take a look! Feedback and contributions to this or any other part of the book are welcome! https://llsoftsec.github.io/llsoftsecbook/#bounds-checking
Low-Level Software Security for Compiler Developers

gkouvJun 23, 2023
kbeylsJun 23, 2023
I just wrote a section on branch-predictor based side-channels for #LLSoftSecBook. Please take a look at https://llsoftsec.github.io/llsoftsecbook/#branch-predictor-based-side-channels. We really appreciate your feedback on this and any other content in the book.
Low-Level Software Security for Compiler Developers

gkouvMay 22, 2023
kbeylsMay 22, 2023
Lucian Popescu just started an awesome chapter on compiler-introduced security vulnerabilities for #LLSoftSecBook! Please take a look! We’d really appreciate your feedback on this and any other content in the book. https://llsoftsec.github.io/llsoftsecbook/#compiler-introduced-security-vulnerabilities
Low-Level Software Security for Compiler Developers

gkouvApr 6, 2023
I just wrote a section on JIT compiler vulnerabilities for #LLSoftSecBook, please take a look! We’d really appreciate your feedback on this and any other content in the book. https://llsoftsec.github.io/llsoftsecbook/#jit-compiler-vulnerabilities
Low-Level Software Security for Compiler Developers