bazad Goto Github PK
Name: Brandon Azad
Type: User
Company: Google Project Zero
Bio: iOS security research
Blog: https://bazad.github.io
Name: Brandon Azad
Type: User
Company: Google Project Zero
Bio: iOS security research
Blog: https://bazad.github.io
Kernel memory leak/local DOS on iOS 11.
My security blog.
CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.
CVE-2017-13868: Information leak of uninitialized kernel heap data in XNU.
A tool to parse Apple's binary device tree format.
Proof-of-concept exploit for CVE-2016-1827 on OS X Yosemite.
Kernel heap read buffer overflow on macOS/iOS requiring root.
Memory leak in XNU requiring root privileges.
CVE-2018-4343: Proof-of-concept for a use-after-free in the GSSCred daemon on macOS and iOS.
CVE-2018-4331: Exploit for a race condition in the GSSCred system service on iOS 11.2.
An IDA Toolkit for analyzing iOS kernelcaches.
Kernel heap pointer disclosure in IOGraphicsFamily.
CVE-2017-2388: Null-pointer dereference in IOFireWireFamily.
CVE-2016-7608: Buffer overflow in IOFireWireFamily.
Local denial of service on iOS 11.2.
Example showing how to build a standalone iOS executable using Xcode.
A kernel stack disclosure in FreeBSD.
CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.
An example of how to use libmemctl with mach_portal.
A tool to find gadgets in the iOS kernelcache.
An iOS kernel introspection tool.
A memctl core for macOS that uses a kernel extension.
A memctl core that uses the physmem exploit.
A memctl core for jailbroken iOS devices.
Local denial of service exploit for iOS 11/macOS 10.13.
Local privilege escalation through macOS 10.12.1 via CVE-2016-1825 or CVE-2016-7617.
Slides from my conference presentations.
Local privilege escalation for OS X 10.10.5 via CVE-2016-1828.
CVE-2017-7173: Local denial of service for iOS requiring root privileges.
A library to execute code in the context of other processes on iOS 11.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.