8kSec

🚨Our newest blog on Android SELinux Internals Part II is out! Read it here: 8ksec.io/android-selinu… In this one, we take a look at SELinux domains, AVC denial parsing, and policy modification with Magisk, KernelSU & APatch for exploit testing on Android. It covers everything from seapp_contexts to building persistent Magisk modules for security research. #MobileSecurity #AndroidSecurity #InfoSec

Move past app layer security and learn more interesting content like this in our course that covers iOS and Android Internals at academy.8ksec.io/course/offensi…

🚨Our newest blog on Android SELinux Internals Part II is out! Read it here: 8ksec.io/android-selinu… In this one, we take a look at SELinux domains, AVC denial parsing, and policy modification with Magisk, KernelSU & APatch for exploit testing on Android. It covers everything from seapp_contexts to building persistent Magisk modules for security research. #MobileSecurity #AndroidSecurity #InfoSec

Writing your own shellcode is the kind of hands-on primitive that builds real intuition for ARM64 exploitation. Try it yourself in our free ARM Exploitation Challenges – stack smashing, heap corruption, ROP chains, and shellcode construction on ARM64: academy.8ksec.io/course/arm-exp…

Writing an ARM64 bind shell that chains six syscalls without a single null byte: 8ksec.io/arm64-reversin… x0 is shared on ARM64, it's the syscall return register and the first-argument register. The socket fd can't stay in x0 across six calls, so it parks in x4 and reloads when needed. Then the null-byte constraint kicks in. LDR pulls from the literal pool, MOV #0 encodes zero, SVC 0 introduces a null byte in the immediate. Fixes: ADR, MOV xzr, SVC #0x1337. 144 bytes, same chain, no zeros. Check out the series at 8ksec.io/arm-64-reversi…

Take AI security further in our Practical AI Security course. Attacks, defenses, and applications across LLMs and AI agents: academy.8ksec.io/course/practic…

We’ve reviewed hundreds of submissions for 8kSec Battlegrounds. But we haven’t reviewed yours yet 🧐 8kSec Battlegrounds offers free mobile and AI security labs designed to challenge your skills across different difficulty levels. ‣ Hands-on scenarios. ‣ Progressive challenges. ‣ Certificate upon successful completion. Ready to test your skills? 8ksec.io/battle/ Keep learning with @8kSec. Follow us for more security resources!

Practice iOS app exploitation hands-on in our Practical Mobile Application Exploitation course. Full iOS and Android app attack curriculum: academy.8ksec.io/course/practic…

iOS Deep Link Attacks: In this blog, we explore techniques to identify and exploit iOS deep link vulnerabilities, including phishing, insufficient URL validation, HTML injection, and CSRF- 8ksec.io/ios-deeplink-a… Follow @8kSec for more hands-on security content

Build exploits yourself in our free ARM Exploitation Challenges. Stack smashing, heap corruption, ROP chains on ARM64: academy.8ksec.io/course/arm-exp…

Bypass NX on ARM64 and execute your shellcode using mprotect(). Check out the full blog here: 8ksec.io/arm64-reversin… Follow @8kSec for more practical security content

URL scheme exploitation is one of the topics we cover in our Offensive iOS Internals course. 6 modules from iOS architecture and kernel internals through Frida instrumentation and vulnerability research: academy.8ksec.io/course/offensi…

This blog covers how to identify deep link attack surface in iOS apps, URL schemes, Universal Links, and techniques for finding them without source code: 8ksec.io/ios-deeplink-a… Follow @8kSec for more mobile security research

Building ROP chains is a core skill for mobile platform exploitation. Our Offensive Mobile Reversing and Exploitation course covers buffer overflows, ROP, PAC bypasses, and kernel-level security mechanisms across both iOS and Android. Includes OMSE certification: academy.8ksec.io/course/offensi…

This blog walks through building a ROP chain on ARM64: 8ksec.io/arm64-reversin… In this one, we overflow a gets() buffer, calculate the ASLR slide from a leaked address, then chain two gadgets: chain1 loads "nc -l 4000" into memory, chain2 calls system(). Full payload construction walkthrough. Keep learning with @8kSec. Follow us for more such content!

🌱 Thank you to everyone who participated in our Earth Day giveaway and shared their favorite places on Earth with us! Congratulations to our 3 winners: @gonzxph, linkedin.com/in/victoria-ar…, and linkedin.com/in/faizzmuhamm…! 🎉 We will DM you shortly from our official 8kSec account to get you set up. Didn't win? Our SAVE25 promotion has been extended to April 30th. You can still grab any course at 25% off – our best price of the year! Explore the catalog here: academy.8ksec.io

🌍 Earth Day Giveaway - Learn Mobile or AI Security, On Us One beautiful planet we all share. Let's patch it together. 🌱 To celebrate Earth Day, we're planting 3 free seats 🌱 in any 8kSec Academy course - winner's choice of the whole forest: • Practical AI Security: Attacks, Defenses, and Applications • Practical Mobile Application Exploitation • Offensive Mobile Reversing and Exploitation • Offensive iOS Internals • Offensive Android Internals Explore the catalog → academy.8ksec.io How to enter (zero carbon footprint 🍃): 🌿 Follow us 🌿 Like this post 🌎 Repost to spread the seeds 🌟 Bonus: double your chances! 💬 Comment your favorite place on Earth that you have visited or would like to visit 🌍, and we'll count your entry twice 3 winners sprout on April 27. We’ll DM each winner to select their course.

Use-After-Free is one of the most powerful exploitation primitives on ARM64. Our Offensive Mobile Reversing and Exploitation course takes you through these techniques and beyond — covering PAC, SPTM, RKP bypasses, and real jailbreak/root case studies with Corellium labs: academy.8ksec.io/course/offensi…

Exploit a Use-After-Free on ARM64 to bypass authentication: 8ksec.io/arm64-reversin… Free a user struct with a hidden "reset" command, reallocate overlapping heap memory via customerChat, overwrite the password field, and login. Reverse engineered with Hopper. Follow @8kSec for more hands-on security content.

Want to go beyond the basic application security content everyone keeps talking about? Head over to academy.8ksec.io/course/offensi… to check out our in-depth course on iOS Internals and Exploitation where you can learn more such techniques.

New Blog Post: How browser exploits actually work on iOS – written for beginners who've never read a browser exploit writeup. We use Google's DarkSword chain as a case study to explain Safari's JIT, the PAC bypass, and how attackers escape the WebContent sandbox. No prior knowledge needed. 8ksec.io/how-browser-ex… Stay updated with @8kSec for more blogs like this