Meysam's Avatar

Meysam

@r00tkitsmm

Security Researcher.

480
Followers 421
Following 33
Posts 09.05.2023
Joined
Posts Following

Latest posts by Meysam @r00tkitsmm

Post image

Come learn how to hack the XNU kernel, like a pro 🍎
with beautiful diagrams to guide every step. :)

πŸ“… Nov 10-12 (3 days)
πŸ“ Four Seasons Hotel Seoul, South Korea

πŸ”— More info powerofcommunity.net/#training

31.07.2025 06:36 πŸ‘ 5 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
GitHub - R00tkitSMM/Pishi: Pishi is a code coverage tool like kcov for macOS. Pishi is a code coverage tool like kcov for macOS. - R00tkitSMM/Pishi

Here is the source code of my fuzzer ai development for macOS.
github.com/R00tkitSMM/P...

17.04.2025 15:14 πŸ‘ 8 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Oh, We have a long weekend ahead in Germany/Berlin.
Maybe I can finish my unpublished blog posts.
Share blogs or papers that I can read and enjoy.

16.04.2025 11:15 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Pishi Reloaded: Binary only address sanitizer for macOS KEXT. In the part 1 of my tutorial style blog post about fuzzing, I discussed how we can instrument the macOS KEXTs to collect code coverage at the basic block or edge level.

My new blog post, which I presented at #Zer0Con2025
A binary level macOS KEXT kernel address sanitizer

r00tkitsmm.github.io/fuzzing/2025...

10.04.2025 07:21 πŸ‘ 13 πŸ” 4 πŸ’¬ 0 πŸ“Œ 0

Will be in Korea next week for Zer0Con. Ping me and let’s chat about software security.

03.04.2025 17:42 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Preview
Code reuse in the age of kCET and HVCI

blog.slowerzs.net/posts/keyjum...

29.03.2025 21:05 πŸ‘ 5 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Paged Out! #6 has arrived! And it's jam-packed with content!
You can download it here:
pagedout.institute?page=issues....

29.03.2025 12:23 πŸ‘ 23 πŸ” 27 πŸ’¬ 0 πŸ“Œ 3
Preview
GitHub - jduck/bs25-slides: Slides from "Musing from Decades of Linux Kernel Security Research" at BOOTSTRAP25 Slides from "Musing from Decades of Linux Kernel Security Research" at BOOTSTRAP25 - jduck/bs25-slides

Happy to share my slides from BOOTSTRAP25. Unfortunately the bug discussed is still not patched in Linux 6.14.0 despite it being reported explicitly. Slides are in markdown but there's a PDF in "releases" too github.com/jduck/bs25-s...

25.03.2025 19:26 πŸ‘ 14 πŸ” 7 πŸ’¬ 1 πŸ“Œ 0

[RSS] The Evolution of Dirty COW (1)


u1f383.github.io ->


Original->

27.03.2025 20:03 πŸ‘ 4 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Preview
GitHub - fkie-cad/squid: RISC-V emulator for high-performance fuzzing with AOT instead of JIT compilation πŸ¦‘ RISC-V emulator for high-performance fuzzing with AOT instead of JIT compilation πŸ¦‘ - fkie-cad/squid

Neat, #riscv emu with #LibAFL support
github.com/fkie-cad/squid

24.03.2025 22:18 πŸ‘ 7 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0

Did you know that pressing CTRL+D in linux terminal is like pressing ENTER? (to some extent, of course)
Well, I didn't, so after randomly investigating what CTRL+D actually does, I've decided it's a fun topic to write about:
hackarcana.com/article/ctrl...

11.03.2025 11:47 πŸ‘ 11 πŸ” 2 πŸ’¬ 3 πŸ“Œ 0
Librasan by WorksButNotTested Β· Pull Request #3023 Β· AFLplusplus/LibAFL Implementation of ASAN target side components in rust. The implementation sits alongside the existing libqasan (although that could be withdrawn in future if we are happy with it). It is selected ...

This is so cool: The LibAFL_QEMU ASan implementation was ported to rust
github.com/AFLplusplus/...

#LibAFL #QEMU #ASan #Rust

10.03.2025 16:29 πŸ‘ 11 πŸ” 4 πŸ’¬ 0 πŸ“Œ 0
Zer0Con Zer0Con is POC’s NEW β€˜CLOSED’ international security conference. It focuses on finding, analyzing, and exploiting vulnerabilities. Zer0Con aims to have high-level technical presentations.

I will talk about macOS Kernel fuzzing at the zer0con.org#schedule-sec... conference.

10.03.2025 18:27 πŸ‘ 4 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Very interesting thank you

22.01.2025 16:45 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
From Day Zero to Zero Day Find security holes before the bad guys do.

nostarch.com/zero-day

08.01.2025 18:23 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Introduction to Computer Organization: ARM Edition Introduction to Computer Organization: ARM Edition [Plantz, Robert] on Amazon.com. *FREE* shipping on qualifying offers. Introduction to Computer Organization: ARM Edition

www.amazon.com/Introduction...

08.01.2025 18:22 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

I usually dig into a topic I research by googling and reading blogs, manuals, sources,… and have not read a technical book for a year.

What would you recommend for low level software/CPU/OS security/exploit topics?

08.01.2025 18:17 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Post image

All videos from The 38th Chaos Communication Congress (38C3) 2024:

media.ccc.de/b/congress/2...

#cybersecurity #informationsecurity #hacking #exploitation #iOS #android #apple #exploitation #reverseengineering #vulnerability

31.12.2024 17:42 πŸ‘ 30 πŸ” 17 πŸ’¬ 0 πŸ“Œ 1

Doing Apple Silicon’s security research for days non stop. Hope it becomes a blogpost at some point.

29.12.2024 20:15 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

I sometimes print them. But I think iPad is the only option to deal with PDFs.

28.12.2024 21:21 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

Steve Glass, talks about potential vulnerabilities in TLV parser of AWDL in jun 2019,
And some months later ian beer reported that famous vulnerability in exactly TLV parser of AWDL.
Conferences are sources of ideas.

25.05.2023 08:34 πŸ‘ 6 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

It’s not* the best option. :)

28.12.2024 13:34 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Where do you read papers? I have kindle and it’s the best option.

28.12.2024 09:47 πŸ‘ 0 πŸ” 0 πŸ’¬ 3 πŸ“Œ 0

Thank you it’s too late for me now.

27.12.2024 11:50 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

I’m in Hamburg, but wouldn’t attend #38c3 due to ticket issue :)

27.12.2024 10:21 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Re-sharing to keep bluesky rolling

go.bsky.app/EhGFSVj

24.12.2024 00:13 πŸ‘ 45 πŸ” 13 πŸ’¬ 0 πŸ“Œ 3
2024 LLVM Dev Mtg - Adding Pointer Authentication ABI support for your ELF platform
2024 LLVM Dev Mtg - Adding Pointer Authentication ABI support for your ELF platform YouTube video by LLVM

I have read and watched a lot of papers and presentations this week about
Compiler 🀝 OS 🀝SoC
security.
www.youtube.com/watch?v=bytW...
www.youtube.com/watch?v=C1nZ...

These two are about PAC

06.12.2024 10:36 πŸ‘ 4 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Low-Level Software Security for Compiler Developers

Pishi2 needed more compiler/LLVM
Knowledge.
This is very good reference.

llsoftsec.github.io/llsoftsecbook/

05.12.2024 12:21 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Pishi: Coverage guided macOS KEXT fuzzing. This blog post is the result of some weekend research, where I delved into Pishi, a static macOS kernel binary rewriting tool, which I presented at POC2024. During the weekdays, I focus on Linux kerne...

Have written new macOS binary level fuzzing blog post.
Second part of

r00tkitsmm.github.io/fuzzing/2024...

Don’t know when to publish it

03.12.2024 22:36 πŸ‘ 9 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0

Took 3 weeks off, bought a new MacBook. It’s to to fuzz the kernel.

29.11.2024 21:33 πŸ‘ 7 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0