HackSys Team

🚨 We're hiring! 🚨 Hi everyone! HackSys Inc. is seeking an enthusiastic **Vulnerability Researcher** (Windows/Android/Browser) to join our team full-time — here in India! 🇮🇳🛡️ 👀 What we’re looking for: - Approximately **2+ years of experience** in hands-on vulnerability research - Strong understanding of **vulnerability classes**, C/C++/ASM - You've experimented with or exploited **n-days** on Windows, Android, or browsers - Reverse engineering capabilities using software such as **WinDbg, IDA, Ghidra** - Above all — a **true passion for breaking things to know them** 🔥 You live, eat, and breathe VR (the security variety 😉), we'd love to speak with you. 📬 Simply DM **@HackSysTeam** on Twitter or Discord for more information or to apply! #Hiring #CyberSecurity #VulnerabilityResearch #InfoSec #HackThePlanet

Here are the slides for my Scudo talk yesterday for the MobileHackingLab Con: github.com/3sjay/talks/bl… it has two extra slides I haven't addressed in my talk. One describing two common misconceptions and one showing the shuffle count for each class.

Started a blog series on writing a minimal ARM hypervisor from scratch — boots as a UEFI app, claims EL2, identity-maps everything through Stage 2. Chapter 0 just dropped: ARM vs x86 virtualization, UEFI internals, EDK2 setup, first app at EL2. 0xabe.io/hypervisor/arm…

The slide is available now: github.com/ThomasKing2014… . Thanks for the fantastic conference @POC_Crew. Happy New year.

Slides from @st424204 & @Peterpan980927 's talk at @codeblue_jp is now live! “AI Accelerated Exploiting: Compromising MTE-Enabled Pixel from DSP Coprocessor.” Slides: github.com/star-sg/Presen…

While y’all discounting your mediocre courses, @zerodaytraining is doubling down on my pro offers: - Foundations + Hypervisor = Escape Bundle (new) - Foundations + Browser = Remote Bundle (new) - Foundations + Hypervisor + Browser = Elite Bundle (new) That’s a full roadmap from zero to zero day engineer.

Watch XOR’s talk CUDA de Grâce: Owning AI Cloud Infrastructure with GPU exploits Kernel + driver bugs aren’t just a LPE problem, they’re a cloud problem. With the explosion of AI in the cloud, NVIDIA’s GPU drivers have become a valuable attack surface youtu.be/Lvz2_ZHj3lo

My HEXACON talk video is out! It covers a small race condition in the Linux kernel’s io_uring. I recommend watching it at 1.25× speed since I’m still not great at speaking 😅 youtube.com/watch?v=Ry4eOg… Here is the slide! u1f383.github.io/slides/talks/2…

Bug Tamer: Turning Limited Heap Overflow into Full VMware Escape by Yongkang Jia & Xiao Lei powerofcommunity.net/2025/slide/y-9…

Made a pwn challenge for this year’s HITCON CTF, which required participants to bypass PAC, BTI, and deal with relative vtables. Here’s the write-up: bruce30262.github.io/hitcon-ctf-202… Check it out if you're interested🙂

I posted a short blog about how a Samsung GPU vulnerability (CVE-2025-21479) can be leveraged for an LPE on affected devices xploitbengineer.github.io/CVE-2025-21479

It’s time to publish the blog post about the bug that won at P2O Berlin 2025. Enjoy! With this post, I mark my last moment as a researcher at @oobs_io. I’m moving on to a new place for a fresh start.🔥🦎 oobs.io/posts/four-byt…

@S4fv4nP @_c0c0n_ Appreciate it! Glad you enjoyed the session and huge congrats on winning the CTF! 👏🔥

Recently attended an amazing Windows Kernel Exploitation training at @_c0c0n_ by @HackSysTeam's Ashfaq Ansari! 🔥 Ashfaq was an incredible trainer - made complex kernel concepts easy to grasp. Also won the CTF! 🏆 Big thanks to Ashfaq and HackSysTeam! 🙏

Bidding farewell to one of the last Windows kernel address leaks, CVE-2025-53136 (KASLR bypass). Sometimes, even patches can open new doors for exploitation. crowdfense.com/nt-os-kernel-i…

Check out our newest blog about how we took advantage of a WebGPU feature to turn an integer underflow bug into an arbitrary read in Chrome’s WebGPU. This bug was fixed by Google long ago, but our ticket is still restricted. qriousec.github.io/post/oob-angle/ by @lanleft_ + @__suto

Last weekend, I participated in corCTF and solved the Android Pwn challenge - corphone. It was a great challenge, and I learned a lot from it. Here's my write-up :) u1f383.github.io/android/2025/0…

My new article: "Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel"⚡️ I tell a bug collision story and introduce my pet project kernel-hack-drill, which helped me to exploit the hard bug that received @PwnieAwards 2025 a13xp0p0v.github.io/2025/09/02/ker…

Part 1 of my article series on fine-tuning an LLM for analysis of massive amounts of Intel Processor Trace is up. Use cases: codebase vulnerability scan, at-scale bug triage, etc. With thanks to @33y0re, @ivanrouzanov, and @vGPUArthur: alansguigna.com/2025/08/using-…

Exploit and mini writeup for CVE-2025-5419. github.com/mistymntncop/C…

New blog post: A journey in Android physical memory - writeup on exploiting recent GPU bug CVE-2025-21479 dawnslab.jd.com/android_gpu_at…