Here are the slides for my keynote, 'Mobile Exploitation, the past, present, and the future' at #Zer0Con2023. Zer0con was a blast as always, thank you @POC_Crew!! 🚀💫
github.com/externalist/pr…
"In mid-2022, @Google Project Zero was provided with access to pre-production hardware implementing the ARM MTE specification. This blog post series is based on that review, and includes general conclusions about the effectiveness of MTE as implemented"
googleprojectzero.blogspot.com/2023/08/summar…
Sharing another V8 Sandbox design document more widely: docs.google.com/document/d/1CP…
This one discusses how to protect code pointers - probably the most performance sensitive part touched by the sandbox - with (almost) no performance overhead.
🎮PS5 enthusiasts! Specter's talk is here!
⚡Specter @SpecterDev presented the evolving attack surface, modern mitigations like Supervisor Mode Access Prevention (SMAP) etc + internal workings of the PS5's hypervisor
▶️ youtu.be/HBFDjfmIUis #hw_ioUSA2023 #gamingconsole
qualys.com/2023/07/19/cve… SSH agent forwarding just became even more dangerous. 😂 -- leave it to the creative minds at Qualys to turn a series of dlopen()+dlclose() calls (of unrelated/benign shared libraries) into arbitrary code exec, hats off!
The @0x41con lives on because of the hardcore diehard fans it gained over the years who offered to organize and keep it alive. It takes time, effort & money to give you the experience for free.
Mad props @Simone_Ferrini, @f_roncari, @jndok for hosting the 4th ed. It was amazing!
It was an honour to organize with @xerub + @Simone_Ferrini + @jndok this 🇪🇸 edition of @0x41con, arguably the world's best conference for research quality. Shoutout to @xerub that made it possible, to all the speakers and to all the attendees who made it special 🫶🏼 #0x41con
I presented my Lockdown Mode research at @0x41con today and it was a dream come true ❤️ I started my iOS research journey ~5yrs ago & always dreamt of just attendin let alone presentin with such legends. This has been a tremendous honor! Thank u @xerub & @Simone_Ferrini et al.
The Old, The New and The Bypass - One-click/Open-redirect to own Samsung S22 at Pwn2Own 2022
written by @testanull starlabs.sg/blog/2023/06-t…
Thanks to @thezdi for reviewing and inputs to the blog post. Greatly appreciate that.
Happy birthday to my Gemini twins out there. I've reached the ripe old age of 42 today, ready to learn the meaning of life, the universe, and everything!