Here's an overview of my more useful repos:
- WAMpage (CVE-2022-23731) - webOS root LPE, including a V8 exploit.
- RootMyTV (CVE-2022-23727) - A user-friendly root exploit for LG webOS Smart TVs.
- NXLoader - Exploit CVE-2018-6242 from (almost) any Android device.
- fusee-nano - Exploit CVE-2018-6242 from embedded Linux devices.
- PageSigner Signature Forgery - Signature forgery via domain fronting.
- CVE-2017-13672 - A PoC for CVE-2017-13672 - QEMU DoS.
- ambiguous-png-packer - Craft PNG files that appear completely different in Apple software.
- dlinject - Like LD_PRELOAD but for already-running programs.
- webos-vncserver - A VNC server for TVs running webOS.
- libleakmydata - LD_PRELOAD hooks to bypass SSL certificate verification.
- TARDIS - Trace And Rewrite Delays In Syscalls.
- Turbo-Recadmiumator - Yet another browser extension to enable 1080p Netflix playback on "unsupported" platforms.
- rc4 - A Python3 RC4 implementation that doesn't suck.
- tweetable-polyglot-png - Pack up to 3MB of data into a tweetable PNG polyglot file.
- unsafe-python - Showcasing CPython's memory unsafety "features".
- 6502-emu - A 6502 emulator that I've been meaning to rewrite since forever.
- chip8 - Yet another CHIP-8 emulator.
- pwn-mbr - A very basic MBR hijack PoC.
- aes-playground - Pedagogical AES implementation(s).
- wifi-sdcf - Reverse engineering notes for a "WiFi SD Card" device.