Day[0]

Day[0]

68 episodes

A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the latest disclosed vulnerabilities and exploits.

Podcasts

[binary] Allocator MTE, libwebp, and Operation Triangulation

Published: Jan. 10, 2024, 1 p.m.
Duration: 1 hour 11 minutes 6 seconds

Listed in: Technology

[bounty] Spoofing Emails, PandoraFMS, and Keycloak

Published: Jan. 9, 2024, 1 p.m.
Duration: 1 hour 15 minutes 45 seconds

Listed in: Technology

[binary] RetSpill, A Safari Vuln, and Steam RCE

Published: Dec. 22, 2023, 1 p.m.
Duration: 56 minutes 51 seconds

Listed in: Technology

[bounty] IOT Issues and DNS Rebinding

Published: Dec. 19, 2023, 1 p.m.
Duration: 53 minutes 44 seconds

Listed in: Technology

[binary] Samsung Baseband and GPU Vulns

Published: Dec. 6, 2023, 8:47 p.m.
Duration: 33 minutes 8 seconds

Listed in: Technology

[bounty] Buggy Cookies and a macOS TCC Bypass

Published: Dec. 5, 2023, 1 p.m.
Duration: 49 minutes 5 seconds

Listed in: Technology

[binary] Hypervisor Bugs and a FAR-out iOS bug

Published: Nov. 29, 2023, 1 p.m.
Duration: 55 minutes 10 seconds

Listed in: Technology

[bounty] Kubernetes Code Exec and There Is No Spoon

Published: Nov. 28, 2023, 1 p.m.
Duration: 34 minutes 33 seconds

Listed in: Technology

[binary] A Heap of Linux Bugs

Published: Nov. 22, 2023, 1 p.m.
Duration: 54 minutes 17 seconds

Listed in: Technology

[bounty] Prompting for Secrets and Malicious Extensions

Published: Nov. 21, 2023, 1 p.m.
Duration: 50 minutes 52 seconds

Listed in: Technology

[binary] A Bundle of Windows Bugs

Published: Nov. 15, 2023, 1 p.m.
Duration: 46 minutes 5 seconds

Listed in: Technology

[bounty] Usurping Mastodon and Broken Signature Schemes

Published: Nov. 13, 2023, 1 p.m.
Duration: 39 minutes 45 seconds

Listed in: Technology

[binary] MTE Debuts, DNS Client Exploits, and iTLB Multihit

Published: Nov. 8, 2023, 7:40 p.m.
Duration: 1 hour 5 minutes 59 seconds

Listed in: Technology

[bounty] Attacking OAuth, Citrix, and some P2O Drama

Published: Nov. 7, 2023, noon
Duration: 52 minutes 50 seconds

Listed in: Technology

[binary] Windows Kernel Bugs, Safari Integer Underflow, and CONSTIFY

Published: Oct. 24, 2023, noon
Duration: 48 minutes 56 seconds

Listed in: Technology

[bounty] Rapid Reset, Attacking AWS Cognito, and Confluence Bugs

Published: Oct. 22, 2023, noon
Duration: 29 minutes 52 seconds

Listed in: Technology

[binary] A Chrome RCE, WebP 0day, and glibc LPE

Published: Oct. 11, 2023, noon
Duration: 1 hour 11 minutes 25 seconds

Listed in: Technology

[bounty] Insecure Firewalls, MyBB, and Winning with WinRAR

Published: Oct. 10, 2023, noon
Duration: 50 minutes 23 seconds

Listed in: Technology

[binary] Busted Stack Protectors, MTE, and AI Powered Fuzzing

Published: Sept. 27, 2023, noon
Duration: 1 hour 9 minutes 59 seconds

Listed in: Technology

[bounty] DEF CON, HardwearIO, Broken Caching, and Dropping Headers

Published: Sept. 26, 2023, noon
Duration: 1 hour 18 minutes 31 seconds

Listed in: Technology

[binary] Exploiting VMware Workstation and the Return of CSG0-Days

Published: May 25, 2023, midnight
Duration: 56 minutes 18 seconds

Listed in: Technology

[bounty] Jellyfin Exploits and TOCTOU Spellcasting

Published: May 23, 2023, 8 p.m.
Duration: 47 minutes 10 seconds

Listed in: Technology

[binary] Attacking VirtualBox and Malicious Chess

Published: May 18, 2023, midnight
Duration: 50 minutes 40 seconds

Listed in: Technology

[bounty] OverlayFS to Root and Parallels Desktop Escapes

Published: May 16, 2023, 8 p.m.
Duration: 49 minutes 17 seconds

Listed in: Technology

[binary] TPMs and Baseband Bugs

Published: May 11, 2023, midnight
Duration: 39 minutes 12 seconds

Listed in: Technology

[bounty] Bad Ordering, Free OpenAI Credits, and Goodbye Passwords?

Published: May 9, 2023, 8 p.m.
Duration: 53 minutes 51 seconds

Listed in: Technology

[binary] A Timing Side-Channel for Kernel Exploitation and VR in the wake of Rust

Published: May 4, 2023, midnight
Duration: 42 minutes 1 second

Listed in: Technology

[bounty] Git Config Injection and a Sophos Pre-Auth RCE

Published: May 2, 2023, 8 p.m.
Duration: 39 minutes 20 seconds

Listed in: Technology

[binary] A Ghostscript RCE and a Windows Registry Bug

Published: April 27, 2023, midnight
Duration: 38 minutes 39 seconds

Listed in: Technology

[bounty] SecurePoint UTM, Chfn, and Docker Named Pipe Vulns

Published: April 25, 2023, 8 p.m.
Duration: 37 minutes 44 seconds

Listed in: Technology

[binary] Glitching the Wii-U and Integer Overflows

Published: April 13, 2023, midnight
Duration: 53 minutes 31 seconds

Listed in: Technology

[bounty] Pentaho Pre-Auth RCE and Theft by CAN Injection

Published: April 11, 2023, 8 p.m.
Duration: 31 minutes 50 seconds

Listed in: Technology

[binary] A SNIProxy Bug and a Samsung NPU Double Free

Published: April 6, 2023, midnight
Duration: 43 minutes 16 seconds

Listed in: Technology

[bounty] Bamboozling Bing and a Curl Gotcha

Published: April 4, 2023, 8 p.m.
Duration: 44 minutes 18 seconds

Listed in: Technology

[binary] 200th Episode! Integer Bugs & Synthetic Memory Protections

Published: March 30, 2023, midnight
Duration: 1 hour 8 minutes 19 seconds

Listed in: Technology

[bounty] Bypassing CloudTrail and Tricking GPTs

Published: March 28, 2023, 8 p.m.
Duration: 51 minutes 7 seconds

Listed in: Technology

[binary] TOCTOUs in Intel SMM and Shannon Baseband Bugs

Published: March 23, 2023, midnight
Duration: 44 minutes 49 seconds

Listed in: Technology

[bounty] Popping Azure Web Services and Apollo Config Bugs

Published: March 21, 2023, 8 p.m.
Duration: 41 minutes 38 seconds

Listed in: Technology

[binary] An OpenBSD overflow and TPM bugs

Published: March 16, 2023, midnight
Duration: 41 minutes 14 seconds

Listed in: Technology

[bounty] Stealing Secrets with Security Advisories and CorePlague

Published: March 14, 2023, 8 p.m.
Duration: 30 minutes 51 seconds

Listed in: Technology

[binary] Hacking the DSi and some Fuzzing Tips

Published: March 9, 2023, 1 a.m.
Duration: 33 minutes 36 seconds

Listed in: Technology

[bounty] ImageMagick, Cracking SmartLocks, and Broken OAuth

Published: March 7, 2023, 9 p.m.
Duration: 41 minutes 2 seconds

Listed in: Technology

[binary] A GPU Bug and the World's Worst Fuzzer Findings

Published: March 2, 2023, midnight
Duration: 28 minutes 56 seconds

Listed in: Technology

[bounty] Param Pollution in Golang, OpenEMR, and CRLF Injection

Published: Feb. 28, 2023, 9 p.m.
Duration: 38 minutes 6 seconds

Listed in: Technology

[binary] Fuzzing cURL, Netatalk, and an Emulator Escape

Published: Feb. 23, 2023, 1 a.m.
Duration: 40 minutes 11 seconds

Listed in: Technology

[bounty] Compromising Azure, Password Verification Fails, and Readline Crime

Published: Feb. 21, 2023, 9 p.m.
Duration: 32 minutes 41 seconds

Listed in: Technology

[binary] Rusty Kernel Bugs, mast1c0re, and OpenSSH

Published: Feb. 16, 2023, midnight
Duration: 45 minutes 29 seconds

Listed in: Technology

[bounty] Top 2022 Web Hacking Techniques and a Binance Bug

Published: Feb. 14, 2023, 9 p.m.
Duration: 31 minutes 21 seconds

Listed in: Technology

[binary] An XNU Exploit and a Chrome Heap Overflow

Published: Feb. 9, 2023, 1 a.m.
Duration: 33 minutes 2 seconds

Listed in: Technology

[bounty] Facebook Account Takeovers and a vBulletin RCE

Published: Feb. 7, 2023, 9:14 p.m.
Duration: 40 minutes 59 seconds

Listed in: Technology

[binary] KASAN comes to Windows and Shuffling ROP Gadgets

Published: Feb. 2, 2023, 1 a.m.
Duration: 41 minutes 17 seconds

Listed in: Technology

[bounty] CSS Injection and a Google Cloud Project Takeover Bug

Published: Jan. 31, 2023, 9 p.m.
Duration: 28 minutes 4 seconds

Listed in: Technology

[binary] Exploiting Null Derefs and Windows Type COM-fusion

Published: Jan. 26, 2023, 1 a.m.
Duration: 51 minutes 4 seconds

Listed in: Technology

[bounty] Cloud Bugs and More Vulns in Galaxy App Store

Published: Jan. 24, 2023, 9:04 p.m.
Duration: 29 minutes 49 seconds

Listed in: Technology

[binary] An iPod Nano Bug, XNU Vuln, and a WebKit UAF

Published: Jan. 19, 2023, 1 a.m.
Duration: 45 minutes 10 seconds

Listed in: Technology

[bounty] Client-Side Path Traversal and Hiding Your Entitlement(s)

Published: Jan. 17, 2023, 9 p.m.
Duration: 48 minutes 47 seconds

Listed in: Technology

[binary] Attacking Bhyves and a Kernel UAF

Published: Jan. 12, 2023, 1 a.m.
Duration: 46 minutes 55 seconds

Listed in: Technology

[bounty] Web Hackers vs. Cars and a Facebook Account Takeover

Published: Jan. 10, 2023, 9 p.m.
Duration: 1 hour 2 minutes 33 seconds

Listed in: Technology

[binary] JS Type Confusions and Bringing Back Stack Attacks

Published: Dec. 15, 2022, 1 a.m.
Duration: 40 minutes 2 seconds

Listed in: Technology

[bounty] Pwn2Own Bugs and WAF Bypasses

Published: Dec. 13, 2022, 9 p.m.
Duration: 1 hour 30 seconds

Listed in: Technology

[binary] A Huawei Hypervisor Vuln and More Memory Safety

Published: Dec. 8, 2022, 1 a.m.
Duration: 47 minutes 30 seconds

Listed in: Technology

[bounty] Remotely Controlling Hyundai and a League of Legends XSS

Published: Dec. 6, 2022, 9 p.m.
Duration: 42 minutes 40 seconds

Listed in: Technology

[binary] Patch Gaps and Apple Neural Engine Vulns

Published: Dec. 1, 2022, 1 a.m.
Duration: 43 minutes 49 seconds

Listed in: Technology

[bounty] Tailscale RCE, an SQLi in PAM360, and Exploiting Backstage

Published: Nov. 29, 2022, 9 p.m.
Duration: 44 minutes 32 seconds

Listed in: Technology

[binary] Hacking Pixel Bootloaders and Injecting Bugs

Published: Nov. 24, 2022, 1 a.m.
Duration: 48 minutes 19 seconds

Listed in: Technology

[bounty] Racing Grafana, Stealing Mastadon Passwords, and Cross-Site Tracing

Published: Nov. 22, 2022, 9 p.m.
Duration: 30 minutes 47 seconds

Listed in: Technology

[binary] Exploiting Undefined Behavior and a Chrome UAF

Published: Nov. 17, 2022, midnight
Duration: 27 minutes 16 seconds

Listed in: Technology

[bounty] Bypassing Pixel Lock Screens and Checkmk RCE

Published: Nov. 15, 2022, 9 p.m.
Duration: 1 hour 1 minute 17 seconds

Listed in: Technology

[binary] OpenSSL Off-by-One, Java XML Bugs, and an In-the-Wild Samsung Chain

Published: Nov. 10, 2022, 1 a.m.
Duration: 1 hour 40 seconds

Listed in: Technology

[bounty] Apache Batik, Static Site Generators, and an Android App Vuln

Published: Nov. 8, 2022, 9 p.m.
Duration: 48 minutes 29 seconds

Listed in: Technology

[binary] XNU's kalloc_type, Stranger Strings, and a NetBSD Bug

Published: Nov. 3, 2022, midnight
Duration: 46 minutes 58 seconds

Listed in: Technology

[bounty] A Galaxy Store Bug, Facebook CSRF, and Google IDOR

Published: Nov. 1, 2022, 8 p.m.
Duration: 28 minutes 40 seconds

Listed in: Technology

[binary] Edge Vulns, a SHA-3 Overflow, and an io_uring Exploit

Published: Oct. 27, 2022, midnight
Duration: 38 minutes 31 seconds

Listed in: Technology

[bounty] XMPP Stanza Smuggling in Jabber and a Cobalt Strike RCE

Published: Oct. 25, 2022, 8 p.m.
Duration: 40 minutes 46 seconds

Listed in: Technology

[binary] Some Browser Exploitation and a Format String Bug?

Published: Oct. 20, 2022, midnight
Duration: 43 minutes 47 seconds

Listed in: Technology

[bounty] GitHub to GitLab RCE and a new PHP Supply Chain Attack

Published: Oct. 18, 2022, 8 p.m.
Duration: 25 minutes 37 seconds

Listed in: Technology

[binary] i.MX Secure Boot Bypass and a Hancom Office Underflow

Published: Oct. 13, 2022, midnight
Duration: 36 minutes 9 seconds

Listed in: Technology

[bounty] Got UNIX Sockets and Some Filter Bypasses?

Published: Oct. 11, 2022, 8 p.m.
Duration: 44 minutes 30 seconds

Listed in: Technology

[binary] Pwning Scoreboards, uClibC, and PS5 Exploitation

Published: Oct. 6, 2022, midnight
Duration: 42 minutes 33 seconds

Listed in: Technology

[bounty] Akamai Cache Poisoning and a Chrome Universal XSS

Published: Oct. 4, 2022, 8 p.m.
Duration: 33 minutes 5 seconds

Listed in: Technology

[binary] SoCs with Holes, Crow HTTP Bugs, and Bypassing Intel CET

Published: Sept. 29, 2022, 12:15 a.m.
Duration: 53 minutes 49 seconds

Listed in: Technology

[bounty] Web3 Universal XSS, Breaking BitBucket, and WAF Bypasses

Published: Sept. 27, 2022, 8 p.m.
Duration: 45 minutes 17 seconds

Listed in: Technology

[binary] An iOS Bug, Attacking Titan-M, and MTE Arrives

Published: Sept. 22, 2022, 1 a.m.
Duration: 1 hour 15 minutes 31 seconds

Listed in: Technology

[bounty] Reading GitLab Hidden HackerOne Reports and Golang Parameter Smuggling

Published: Sept. 20, 2022, 8 p.m.
Duration: 1 hour 15 minutes 20 seconds

Listed in: Technology

[binary] Fuchsia OS, Printer Bugs, and Hacking Radare2

Published: June 2, 2022, midnight
Duration: 54 minutes 43 seconds

Listed in: Technology

[bounty] A Zoom RCE, VMware Auth Bypass, and GitLab Stored XSS

Published: May 31, 2022, 8 p.m.
Duration: 51 minutes 35 seconds

Listed in: Technology

[binary] Pwn2Own, Parallels Desktop, and an AppleAVD Bug

Published: May 26, 2022, 1:59 a.m.
Duration: 34 minutes 29 seconds

Listed in: Technology

[bounty] Stealing DropBox Google Drive Tokens, a GitLab Bug, and macOS "Powerdir" Vulnerability

Published: May 24, 2022, 8 p.m.
Duration: 32 minutes 32 seconds

Listed in: Technology

[binary] Python 3 UAF and PS4/PS5 PPPoE Kernel Bug

Published: May 19, 2022, midnight
Duration: 38 minutes 15 seconds

Listed in: Technology

[bounty] Deleting Rubygems, BIG-IP Auth Bypass, and a Priceline Account Takeover

Published: May 17, 2022, 8 p.m.
Duration: 34 minutes 23 seconds

Listed in: Technology

[binary] Pwn2Owning Routers and Anker Eufy Bugs

Published: May 12, 2022, midnight
Duration: 30 minutes 40 seconds

Listed in: Technology

[bounty] Cloudflare Pages, Hacking a Bank, and Attacking Price Oracles

Published: May 10, 2022, 8 p.m.
Duration: 38 minutes 36 seconds

Listed in: Technology

[binary] NimbusPwn, a CLFS Vulnerability, and DatAFLow (Fuzzing)

Published: May 5, 2022, midnight
Duration: 41 minutes 59 seconds

Listed in: Technology

[bounty] XSS for NFTs, a VMWare Workspace ONE UEM SSRF, and GitLab CI Container Escape

Published: May 3, 2022, 8 p.m.
Duration: 37 minutes 6 seconds

Listed in: Technology

[binary] Getting into Vulnerability Research and a FUSE use-after-free

Published: April 28, 2022, midnight
Duration: 49 minutes 54 seconds

Listed in: Technology

[bounty] A Struts RCE, Broken Java ECDSA (Psychic Signatures) and a Bad Log4Shell Fix

Published: April 26, 2022, 9 p.m.
Duration: 32 minutes 44 seconds

Listed in: Technology

[binary] Another iOS Bug and Edge Chakra Exploitation

Published: April 21, 2022, midnight
Duration: 55 minutes 33 seconds

Listed in: Technology

[bounty] Taking Over an Internal AWS Service and an Interesting XSS Vector

Published: April 19, 2022, 8 p.m.
Duration: 22 minutes 28 seconds

Listed in: Technology

[binary] A subtle iOS parsing bug and a PHP use-after-free

Published: April 14, 2022, midnight
Duration: 54 minutes 55 seconds

Listed in: Technology

[bounty] A Double-Edged SSRF, Pritunl VPN LPE, and a NodeBB Vuln

Published: April 12, 2022, 8 p.m.
Duration: 26 minutes 11 seconds

Listed in: Technology

[binary] FORCEDENTRY Sandbox Escape and NetFilter Bugs

Published: April 7, 2022, midnight
Duration: 42 minutes 33 seconds

Listed in: Technology

[bounty] Spring4Shell, PEAR Bugs, and GitLab Hardcoded Passwords

Published: April 5, 2022, 8 p.m.
Duration: 1 hour 2 minutes 10 seconds

Listed in: Technology

[binary] Pwning WD NAS, NetGear Routers, and Overflowing Kernel Pages

Published: March 31, 2022, midnight
Duration: 32 minutes 23 seconds

Listed in: Technology

[bounty] GitLab Arbitrary File Read and Bypassing PHP's filter_var

Published: March 29, 2022, 8 p.m.
Duration: 34 minutes 56 seconds

Listed in: Technology

[binary] Chrome Heap OOB Access and TLStorm

Published: March 24, 2022, midnight
Duration: 33 minutes 14 seconds

Listed in: Technology

[bounty] DOMPDF XSS to RCE, Chrome Leaking Envrionment Vars, and cr8escape

Published: March 22, 2022, 8 p.m.
Duration: 39 minutes 41 seconds

Listed in: Technology

[binary] A Windows UAF, Branch Prediction Bugs, and an io_uring Exploit

Published: March 17, 2022, 2 a.m.
Duration: 1 hour 16 minutes 52 seconds

Listed in: Technology

[bounty] Pascom RCE, AutoWarp, and a GKE Container Escape

Published: March 15, 2022, 8 p.m.
Duration: 33 minutes 16 seconds

Listed in: Technology

[binary] Dirty Pipe and Analyzing Memory Tagging

Published: March 10, 2022, 1 a.m.
Duration: 46 minutes 51 seconds

Listed in: Technology

[bounty] Facebook Exploits, pfSense RCE, and MySQLjs SQLi

Published: March 8, 2022, 9 p.m.
Duration: 50 minutes 29 seconds

Listed in: Technology

[binary] ImageGear JPEG Vulns, NetFilter, and a LibCurl Memory Disclosure

Published: March 3, 2022, 1 a.m.
Duration: 26 minutes 5 seconds

Listed in: Technology

[bounty] DynamicWeb RCE, VMWare Bugs, and Exploiting GitHub Actions

Published: March 1, 2022, 9 p.m.
Duration: 34 minutes 13 seconds

Listed in: Technology

[binary] Zynq-7000 Secure Boot Bypass and Compiler-Created Bugs

Published: Feb. 24, 2022, 1 a.m.
Duration: 1 hour 5 minutes 6 seconds

Listed in: Technology

[bounty] CoinDesk, Zabbix, and Leaking Secrets Through Mirrored Repos

Published: Feb. 22, 2022, 9 p.m.
Duration: 34 minutes 53 seconds

Listed in: Technology

[binary] Another Kernel TIPC Bug, MySQL, and Buggy Go

Published: Feb. 17, 2022, 1 a.m.
Duration: 48 minutes 2 seconds

Listed in: Technology

[bounty] Baby Monitor Bugs, Grafana, and Twitter De-anonymization

Published: Feb. 16, 2022, 1 a.m.
Duration: 42 minutes 37 seconds

Listed in: Technology

[binary] Fastly Infoleak, Samba OOB Access, and Pwning MacOS

Published: Feb. 10, 2022, 1 a.m.
Duration: 52 minutes 42 seconds

Listed in: Technology

[bounty] Hacking Google Drive Integrations and XSS Puzzles

Published: Feb. 8, 2022, 9 p.m.
Duration: 44 minutes 5 seconds

Listed in: Technology

[binary] PwnKit, a Win32k Type Confusion, and Binary Ninja 3.0

Published: Feb. 3, 2022, 1 a.m.
Duration: 48 minutes 5 seconds

Listed in: Technology

[bounty] Zoho Auth Bypass, a Bogus Bug, and Leaking Microsoft Bug Reports

Published: Feb. 1, 2022, 9 p.m.
Duration: 53 minutes 59 seconds

Listed in: Technology

[binary] NetUSB RCE, a Linux Kernel Heap Overflow, and an XNU Use-After-Free

Published: Jan. 27, 2022, 1 a.m.
Duration: 50 minutes 52 seconds

Listed in: Technology

[bounty] Bypassing Box MFA and Bad AES Key Generation

Published: Jan. 25, 2022, 9 p.m.
Duration: 33 minutes 25 seconds

Listed in: Technology

[binary] Pwning Camera and Overflowing your Integers

Published: Jan. 20, 2022, 1 a.m.
Duration: 26 minutes 36 seconds

Listed in: Technology

[bounty] Bad Code and Bad URLs

Published: Jan. 18, 2022, 9 p.m.
Duration: 36 minutes 49 seconds

Listed in: Technology

[Binary] Rooting Ubuntu By Accident and Samsung Kernel Bugs

Published: Jan. 13, 2022, 1 a.m.
Duration: 42 minutes 56 seconds

Listed in: Technology

[Bounty] RocketChat RCE, Flickr, and a Critical Smart Contract Bug

Published: Jan. 11, 2022, 9 p.m.
Duration: 57 minutes 17 seconds

Listed in: Technology

An Android Kernel Bug and a Chrome+Edge Bug [Binary Exploitation]

Published: Dec. 16, 2021, 1 a.m.
Duration: 58 minutes 15 seconds

Listed in: Technology

Log4j RCE coming to a service near you and uBlock CSS Injection [Bounty]

Published: Dec. 15, 2021, 2:42 a.m.
Duration: 1 hour 8 minutes 2 seconds

Listed in: Technology

MediaTek, Yet Another Chrome Bug, and BigSig [Binary Exploitation]

Published: Dec. 9, 2021, 1 a.m.
Duration: 48 minutes 38 seconds

Listed in: Technology

Bypassing MFA, WebCache Poisoning, and AWS SageMaker [Bounty Hunting]

Published: Dec. 7, 2021, 9 p.m.
Duration: 39 minutes 4 seconds

Listed in: Technology

KVM Bugs and an iOS IOMFB Kernel Exploit [Binary Exploitation]

Published: Dec. 2, 2021, 1 a.m.
Duration: 57 minutes 4 seconds

Listed in: Technology

GitLab Prototype Pollution and Some Authentication Bypasses [Bounty Hunting]

Published: Nov. 30, 2021, 9 p.m.
Duration: 26 minutes 40 seconds

Listed in: Technology

Hacking Neural Nets, a Chrome WebRTC UAF and Pwning Windows [Binary Exploitation]

Published: Nov. 25, 2021, 1 a.m.
Duration: 45 minutes 4 seconds

Listed in: Technology

Big Bounties by Exploiting WebKit's CSP & Concrete CMS Bugs [Bounty Hunting]

Published: Nov. 23, 2021, 9 p.m.
Duration: 38 minutes 10 seconds

Listed in: Technology

DDR4 Rowhammer, Azure Bugs, "Essential 0days", and Backdoored IDA [Binary Exploitation]

Published: Nov. 18, 2021, 1 a.m.
Duration: 1 hour 8 minutes 46 seconds

Listed in: Technology

Rust in the Web? A Special Guest and some Bad Crypto [Bounty Hunting]

Published: Nov. 16, 2021, 9 p.m.
Duration: 1 hour 21 minutes 4 seconds

Listed in: Technology

A too trusty TrustZone and a few Linux Kernel bugs [Binary Exploitation]

Published: Nov. 11, 2021, 1 a.m.
Duration: 1 hour 1 minute 27 seconds

Listed in: Technology

A MacOS SIP Bypass & an XSS Fiesta [Bounty Hunting]

Published: Nov. 9, 2021, 9 p.m.
Duration: 51 minutes 25 seconds

Listed in: Technology

Type Confusion in Android NFC, PHP-FPM Local Privilege Escalation, and CallbackHell [Binary Exploitation]

Published: Nov. 4, 2021, midnight
Duration: 47 minutes 39 seconds

Listed in: Technology

Discourse SNS RCE, a Stored XSS in GitLab, and a Reddit Race Condition [Bug Hunting]

Published: Nov. 2, 2021, 8 p.m.
Duration: 44 minutes 18 seconds

Listed in: Technology

A Kernel Race, SuDump, and a Chrome Garbage Collector Bug [Exploit Dev/VR]

Published: Oct. 28, 2021, midnight
Duration: 1 hour 16 minutes 8 seconds

Listed in: Technology

A Slack Attack and a MySQL Scientific Notation Bug [Bug Hunting]

Published: Oct. 26, 2021, 8 p.m.
Duration: 42 minutes 1 second

Listed in: Technology

WebKit Bugs, a Windows Race, and House of IO Improved [Exploit Dev/VR]

Published: Oct. 21, 2021, midnight
Duration: 1 hour 4 minutes 3 seconds

Listed in: Technology

WebSocket Hijacking, GitHub review bypass and SQLi to RCE [Bug Hunting]

Published: Oct. 19, 2021, 8 p.m.
Duration: 45 minutes 47 seconds

Listed in: Technology

HyperKit Bugs & an Open5GS Stack Overflow [Binary Exploitation]

Published: Oct. 14, 2021, midnight
Duration: 32 minutes 16 seconds

Listed in: Technology

SharePoint RCE & an Apache Path Traversal [Bug Hunting]

Published: Oct. 12, 2021, 8 p.m.
Duration: 31 minutes 20 seconds

Listed in: Technology

Chrome Exploits and a Firefox Update Bug [Binary Exploitation]

Published: Oct. 7, 2021, midnight
Duration: 31 minutes 55 seconds

Listed in: Technology

Gatekeeper Bypass, Opera RCE, and Prototype Pollution [Bounty Hunting]

Published: Oct. 5, 2021, 8 p.m.
Duration: 1 hour 19 seconds

Listed in: Technology

Kernel UAFs and a Parallels VM Escape [Binary Exploitation]

Published: Sept. 30, 2021, midnight
Duration: 59 minutes 44 seconds

Listed in: Technology

iOS 0days, Apache Dubbo RCEs, and NPM bugs [Bounty Hunting]

Published: Sept. 29, 2021, 2:56 a.m.
Duration: 56 minutes 3 seconds

Listed in: Technology

A Curl UAF, iPhone FORCEDENTRY, and a Crazy HP OMEN Driver [Binary Exploitation]

Published: Sept. 23, 2021, midnight
Duration: 46 minutes 48 seconds

Listed in: Technology

A Flickr CSRF, GitLab, & OMIGOD, Azure again? [Bounty Hunting]

Published: Sept. 21, 2021, 9 p.m.
Duration: 56 minutes 52 seconds

Listed in: Technology

NETGEAR smart switches, SpookJS, & Parallels Desktop [Binary Exploitation]

Published: Sept. 16, 2021, midnight
Duration: 1 hour 12 minutes 43 seconds

Listed in: Technology

Reused VMWare exploits & Escaping Azure Container Instances [Bounty Hunting]

Published: Sept. 14, 2021, 8 p.m.
Duration: 1 hour 1 minute 28 seconds

Listed in: Technology

Escaping the Bhyve, WhatsApp, & BrakTooth [Binary Exploitation]

Published: Sept. 9, 2021, midnight
Duration: 1 hour 18 minutes 17 seconds

Listed in: Technology

Takeover A Facebook, SnapChat or JetBrains Account [Bounty Hunting]

Published: Sept. 7, 2021, 8:28 p.m.
Duration: 1 hour 5 minutes 42 seconds

Listed in: Technology

NoSQL Injection, Mobile Misconfigurations and a Wormable Windows Bug

Published: May 25, 2021, 10 p.m.
Duration: 1 hour 10 minutes 46 seconds

Listed in: Technology

Cross-Browser Tracking, Frag Attacks, and Malicious Rust Macros

Published: May 18, 2021, 10 p.m.
Duration: 1 hour 18 minutes 52 seconds

Listed in: Technology

Fake Vulns, More Valve, and an AWS Cognito issue

Published: May 11, 2021, 10 p.m.
Duration: 1 hour 30 minutes 17 seconds

Listed in: Technology

Defcon Quals, Dead ops, BadAllocs, Wordpress XXE

Published: May 4, 2021, 10 p.m.
Duration: 1 hour 44 minutes 36 seconds

Listed in: Technology

Bad Patches, Fuzzing Sockets, & 3DS Hacked by Super Mario

Published: April 27, 2021, 10 p.m.
Duration: 1 hour 49 minutes 51 seconds

Listed in: Technology

Windows Bugs, Duo 2FA Bypass, and some Reverse Engineering

Published: April 20, 2021, 10 p.m.
Duration: 1 hour 23 minutes 50 seconds

Listed in: Technology

Pwn2own, Linux Kernel Exploits, and Malicious Mail

Published: April 13, 2021, 10 p.m.
Duration: 1 hour 40 minutes 6 seconds

Listed in: Technology

Speculation in Predictive Store Forwarding, Broken Fixes, and Owning Rocket.Chat

Published: April 6, 2021, 10 p.m.
Duration: 1 hour 25 minutes 3 seconds

Listed in: Technology

Google exposes an APT campaign, PHP owned, and Several Auth Issues

Published: March 30, 2021, 10 p.m.
Duration: 2 hours 16 minutes 35 seconds

Listed in: Technology

Fast Fuzzing, Malicious Pull Requests, and Rust in my kernel?!

Published: March 23, 2021, 10 p.m.
Duration: 1 hour 45 minutes 13 seconds

Listed in: Technology

Hacking Cameras, Stealing Logins, and Breaking Git

Published: March 16, 2021, 10 p.m.
Duration: 1 hour 11 minutes 35 seconds

Listed in: Technology

Buggy Browsers, Heap Grooming, and Broken RSA?

Published: March 9, 2021, 11 p.m.
Duration: 1 hour 7 minutes 59 seconds

Listed in: Technology

BlackHat USA, Pre-Auth RCEs, and JSON Smuggling

Published: March 2, 2021, 11 p.m.
Duration: 1 hour 9 minutes 44 seconds

Listed in: Technology

PDF Exploits, GPGME Making Mistakes EZ and Favicon Tracking

Published: Feb. 23, 2021, 11 p.m.
Duration: 1 hour 24 minutes 29 seconds

Listed in: Technology

Industrial Control Fails and a Package disguised in your own supply

Published: Feb. 16, 2021, 11 p.m.
Duration: 1 hour 44 minutes 41 seconds

Listed in: Technology

MediaTek BootROM Broken, Free Coffee, and an iOS Kernel Exploit

Published: Feb. 9, 2021, 11 p.m.
Duration: 1 hour 34 minutes 14 seconds

Listed in: Technology

OSED, North Korean hackers, NAT Slipstream 2.0, and PGP (in)security

Published: Feb. 2, 2021, 11 p.m.
Duration: 2 hours 11 minutes 15 seconds

Listed in: Technology

Snooping YouTube History and Breaking State Machines

Published: Jan. 26, 2021, 11 p.m.
Duration: 57 minutes 42 seconds

Listed in: Technology

Breaking Lock Screens & The Great Vbox Escape

Published: Jan. 19, 2021, 11 p.m.
Duration: 1 hour 24 minutes 32 seconds

Listed in: Technology

Universal Deserialization, Stealing Youtube Videos, and CTFs

Published: Jan. 12, 2021, 11 p.m.
Duration: 1 hour 17 minutes 33 seconds

Listed in: Technology

Hacking Nintendo 3DS, Apple vs Corellium, and Android Bugs

Published: Jan. 5, 2021, 11 p.m.
Duration: 1 hour 31 minutes 55 seconds

Listed in: Technology

Fireeye, PS4 exploit, and MacOS LPE

Published: Dec. 15, 2020, 11 p.m.
Duration: 1 hour 50 minutes 48 seconds

Listed in: Technology

Rooting iOS, Hacking with cURL, and the end of Use-After-Free

Published: Dec. 8, 2020, 11 p.m.
Duration: 1 hour 35 minutes 37 seconds

Listed in: Technology

Bad Blocklists, Legal News, and Windows Vulns

Published: Dec. 1, 2020, 11 p.m.
Duration: 1 hour 20 minutes 32 seconds

Listed in: Technology

Jailbreaks, Stealing Playstation Accounts, and Automatic Exploit Generation

Published: Nov. 24, 2020, 11 p.m.
Duration: 1 hour 30 minutes 42 seconds

Listed in: Technology

Hacking Voatz and Rooting Ubuntu

Published: Nov. 17, 2020, 11 p.m.
Duration: 1 hour 33 minutes 14 seconds

Listed in: Technology

Pwn2Own, Tianfu Cup, and Other Hacks

Published: Nov. 10, 2020, 11:40 p.m.
Duration: 1 hour 51 minutes 39 seconds

Listed in: Technology

A Look At OSEP, Hacking Metasploit and the Legal Risks of Research

Published: Nov. 3, 2020, 11 p.m.
Duration: 2 hours 7 minutes 54 seconds

Listed in: Technology

Low-cost Penetration Testing, High Performance Fuzzing and Github RCEs

Published: Oct. 27, 2020, 10 p.m.
Duration: 2 hours 31 minutes 5 seconds

Listed in: Technology

Some Discord, a Bad Neighbor and a BleedingTooth

Published: Oct. 20, 2020, 10 p.m.
Duration: 2 hours 16 minutes 27 seconds

Listed in: Technology

Breaking into HashiCorp Vault, Apple and Google

Published: Oct. 13, 2020, 10 p.m.
Duration: 1 hour 54 minutes 47 seconds

Listed in: Technology

Fingerprinting Exploit Devs, BLURtooth and Punking Punkbuster

Published: Oct. 6, 2020, 10 p.m.
Duration: 2 hours 4 minutes 56 seconds

Listed in: Technology

Instagram Hacks, Half-life 1 Exploits, and Gaslighting Android

Published: Sept. 29, 2020, 10 p.m.
Duration: 2 hours 4 minutes 30 seconds

Listed in: Technology

Bhyves and Evil LEDs (+Roulette)

Published: Sept. 22, 2020, 10 p.m.
Duration: 1 hour 39 minutes 25 seconds

Listed in: Technology

Raccoons, Incomplete fixes and Kernel Exploits

Published: Sept. 15, 2020, 10 p.m.
Duration: 2 hours 22 minutes 39 seconds

Listed in: Technology

Zoom E2E, 15 year old bugs, and killing 20 year old attacks

Published: May 26, 2020, 10 p.m.
Duration: 2 hours 21 minutes 45 seconds

Listed in: Technology

iOS 0days are worthless, PrintDemon, and a takeover of hackerone

Published: May 19, 2020, 10 p.m.
Duration: 2 hours 32 minutes 2 seconds

Listed in: Technology

Defcon is canceled, Microsoft was hacked, Rust has vulns

Published: May 12, 2020, 10 p.m.
Duration: 2 hours 17 minutes 21 seconds

Listed in: Technology

Auth Bypass, XSS, RCE and more

Published: May 5, 2020, 10 p.m.
Duration: 2 hours 20 minutes 33 seconds

Listed in: Technology

Relyze Decompiler, jQuery XSS, Sandbox Escaping and 0-Click Mail RCE

Published: April 28, 2020, 10 p.m.
Duration: 2 hours 4 minutes 41 seconds

Listed in: Technology

Binary Ninja's Decompiler, git credential leak, cross-platform LPEs

Published: April 21, 2020, 10 p.m.
Duration: 2 hours 30 minutes 38 seconds

Listed in: Technology

IDA...Go home, Sandboxie source, and some RCEs (TP-Link, Starcraft 1, OhMyZsh)

Published: April 14, 2020, 10 p.m.
Duration: 1 hour 30 minutes

Listed in: Technology

Zoom-ers, VM Escapes, and Pegasus Resurfaces

Published: April 7, 2020, 10 p.m.
Duration: 2 hours 10 minutes 24 seconds

Listed in: Technology

A shortcut (.lnk) to RCE, Pi-Hole, Shadow Stacks, and fine-grained kASLR

Published: March 31, 2020, 10 p.m.
Duration: 1 hour 48 minutes 20 seconds

Listed in: Technology

Pwn2Own Results, Voatz (again), some web-exploits and a code-reuse mitigation

Published: March 24, 2020, 10 p.m.
Duration: 1 hour 40 minutes 7 seconds

Listed in: Technology

How to Hack a CTF and more (LVI, TRRespass and some web-exploits)

Published: March 17, 2020, 10 p.m.
Duration: 1 hour 57 minutes 15 seconds

Listed in: Technology

FuzzBench, MediaTek-su, Request Smuggling, and Memory Tagging

Published: March 10, 2020, 10 p.m.
Duration: 2 hours 14 minutes 29 seconds

Listed in: Technology

kr00k, GhostCat, and more issues from NordVPN, Samsung, OpenSMTPd

Published: March 3, 2020, 11 p.m.
Duration: 1 hour 46 minutes 52 seconds

Listed in: Technology

A Dark White-Hat hacker? and various vulns ft. Cisco, Periscope, NordVPN and Tesla/EyeQ

Published: Feb. 25, 2020, 11 p.m.
Duration: 2 hours 52 seconds

Listed in: Technology

A New PWK/OSCP, Election Hacking, Kernel Exploits, and Fuzzing

Published: Feb. 18, 2020, 11 p.m.
Duration: 2 hours 5 minutes 12 seconds

Listed in: Technology

Hack Twitter, WhatsApp and all your Cisco phones (CDPwn) ft. GhostKnight

Published: Feb. 11, 2020, 11 p.m.
Duration: 1 hour 38 minutes 41 seconds

Listed in: Technology

OK Google, sudo ./hacktheplanet

Published: Feb. 4, 2020, 11 p.m.
Duration: 1 hour 49 minutes 41 seconds

Listed in: Technology

Return of the Zombieload, Bezos Hacked, and other exploits

Published: Jan. 27, 2020, 11 p.m.
Duration: 1 hour 55 minutes 31 seconds

Listed in: Technology

Project Verona, CurveBall, CableHaunt, and RCEs-a-plenty

Published: Jan. 21, 2020, 11 p.m.
Duration: 1 hour 47 minutes 5 seconds

Listed in: Technology

SHA-mbles, Shitrix, Responsible Disclosure, and wtf is TikTok doing?

Published: Jan. 14, 2020, 11 p.m.
Duration: 1 hour 56 minutes 2 seconds

Listed in: Technology

First Edge bounty, Hacking Tesla via Wi-Fi, Cisco advisories, and Shadow Clones

Published: Jan. 8, 2020, midnight
Duration: 2 hours 20 minutes 30 seconds

Listed in: Technology

PlunderVolt, Real-World Bug Hunting, Presidents Cup CTF, SockPuppet and more

Published: Dec. 17, 2019, 11 p.m.
Duration: 2 hours 13 minutes 6 seconds

Listed in: Technology

Permanent DoS, HackerOne Hacked, and Wide-OpenBSD

Published: Dec. 10, 2019, 11 p.m.
Duration: 2 hours 14 minutes 23 seconds

Listed in: Technology

CWE Top 25, Hacking Anti-Viruses and Adversarial Machine Learning Attacks

Published: Dec. 3, 2019, 11 p.m.
Duration: 1 hour 55 minutes 35 seconds

Listed in: Technology

What does the NSA say?

Published: Nov. 26, 2019, 11 p.m.
Duration: 2 hours 19 minutes 14 seconds

Listed in: Technology

Election hacking, Kernel Security, MDS Attacks and Github's Security Lab

Published: Nov. 19, 2019, 11 p.m.
Duration: 2 hours 32 minutes 43 seconds

Listed in: Technology

Rogue Employees, Lasers, Fuzzing, and an iOS Exploit (checkra1n)

Published: Nov. 13, 2019, 8:40 a.m.
Duration: 1 hour 34 minutes 28 seconds

Listed in: Technology

A Bit of everything: 0days, Breaches, Lawsuits, Attacking AI, and some insecure

Published: Nov. 5, 2019, 11:31 p.m.
Duration: 1 hour 34 minutes 6 seconds

Listed in: Technology

NordVPN Again, Snowden, CPDoS, a PHP-RCE, and some console hacking

Published: Oct. 28, 2019, 9:42 p.m.
Duration: 1 hour 59 minutes 18 seconds

Listed in: Technology

Linux Exploits, Secure Credentials, Side-Channels and Election(SDK) hacking

Published: Oct. 21, 2019, 10 p.m.
Duration: 2 hours 13 minutes 43 seconds

Listed in: Technology

When your errors have errors...

Published: Oct. 14, 2019, 9:55 p.m.
Duration: 1 hour 48 minutes 40 seconds

Listed in: Technology

Exploits-galore iOS (checkm8), Android, Signal, Whatsapp, PHP and more

Published: Oct. 7, 2019, 9 p.m.
Duration: 1 hour 50 minutes 55 seconds

Listed in: Technology

Offensive Security's OSWE/AWAE, Massive Security failures, and a handful of cool attacks

Published: May 27, 2019, 9:58 p.m.
Duration: 2 hours 15 minutes 47 seconds

Listed in: Technology

Intel has done it again, ft. Zombies, Cats, and Windows exploits

Published: May 20, 2019, 9:37 p.m.
Duration: 1 hour 44 minutes 51 seconds

Listed in: Technology

The Unhackable Morpheus chip and other exploit mitigations

Published: May 13, 2019, 10:31 p.m.
Duration: 2 hours 18 minutes 23 seconds

Listed in: Technology

Another CSG0-day, Ransomware? and a 36 year old vuln

Published: May 6, 2019, 10:27 p.m.
Duration: 2 hours 37 minutes 20 seconds

Listed in: Technology

Docker, Government Attacks, and Best Practices

Published: April 29, 2019, 11:05 p.m.
Duration: 2 hours 2 minutes 55 seconds

Listed in: Technology

Fun Malware, Fun AI Tricks, and General Fun

Published: April 22, 2019, 10 p.m.
Duration: 1 hour 53 minutes 32 seconds

Listed in: Technology

Compromises, Challenge Design, and 0days

Published: April 16, 2019, 4:58 a.m.
Duration: 2 hours 40 minutes 1 second

Listed in: Technology

CTFs, Backdoors, and Control Flow Integrity

Published: April 2, 2019, 10 p.m.
Duration: 2 hours 8 minutes 38 seconds

Listed in: Technology

RE Tools, Ethereum, and Plaintext Passwords

Published: March 26, 2019, 12:50 a.m.
Duration: 2 hours 1 minute 18 seconds

Listed in: Technology

CSG0-Days, Exploit Mitigations, and Voting Systems

Published: March 18, 2019, 7 p.m.
Duration: 1 hour 39 minutes 15 seconds

Listed in: Technology

Zero-Days, Ghidra, and Questionable CVE's

Published: March 11, 2019, 7 p.m.
Duration: 2 hours 16 minutes 10 seconds

Listed in: Technology