Farzan Karimi

57 posts

@jumpycastle

Black Hat + DEFCON Speaker | X-Google Red Team

Seattle, WA · Joined June 2011
133 Following · 576 Followers
Farzan Karimi@jumpycastle·
Dropping exploit code from my DEF CON 33 talk: Recursive Request Exploits (RRE). TL;DR: Trace API calls backward from a protected resource. If any upstream API is unauthenticated, you can bypass access to the whole chain. github.com/jumpycastle/rr…
Farzan Karimi@jumpycastle·
@cptnsumo Great to know the content came through on the livestream. Phew! Thanks for supporting the talk
M@cptnsumo·
@jumpycastle super interesting talk at DEFCON today, nice job of rolling with the technical difficulties as well (stream showed slides the entire time).
Farzan Karimi@jumpycastle·
I built Comment Crusader, a Burp Suite extension to uncover one of the more overlooked sources of data leaks in web apps: developer comments. Will be released this month. Enjoy a quick teaser.
Farzan Karimi@jumpycastle·
@CryptoGangsta Funny you mention. I have an Odyssey G9 49” monitor and look at this tiny screen 99% of the time lol
Farzan Karimi@jumpycastle·
Thrilled to share that my former Android Red Team has hit a major milestone with their first blog post! They detailed the exploitation of Android Binder (CVE-2023-20938), achieving root privileges on updated devices. Read more: androidoffsec.withgoogle.com/posts/attackin…
Farzan Karimi@jumpycastle·
I presented a lightning talk at Google Cloud Security Talks today focused on how our Android Red Team was able to attack modem chips to help drive important baseband mitigations in Android 12+. If you're interested in just the exploit demo, skip to 9:40. youtube.com/watch?v=BMbd2v…
Farzan Karimi@jumpycastle·
Excited to read "The Android Malware Handbook" by co-authors and colleagues Sebastian Porst and Salvador Mandujano on Android malware detection and analysis. It covers reversing, app static and dynamic analysis with hands-on examples. Pre-order now! barnesandnoble.com/w/the-android-…
Farzan Karimi@jumpycastle·
Our Android Attack Tools team (an arm of Android Red Team) just published this article on continuous fuzzing. If your company is new to the fuzzing game and is looking for a recipe to build from, this is an excellent read. security.googleblog.com/2023/08/androi…
Farzan Karimi@jumpycastle·
Heard on a call today debating the pros and cons of fuzzing: "Fuzzing is just an expensive way to warm your living room in winter" Well said. It's both a pro and a con.
Farzan Karimi@jumpycastle·
Honored to have presented with these world class researchers on the Android Red Team at #DEFCON and #BlackHat. Recordings should be out soon!
Farzan Karimi@jumpycastle·
If you saw our presentation on Red Teaming the Pixel modem at Black Hat and DEFCON this week, we referenced an article that directly captures the mitigations introduced in Android 14. Big steps forward for cellular security. security.googleblog.com/2023/08/androi…
Farzan Karimi@jumpycastle·
Our Black Hat and DEF CON talks are coming up this week. See you all there! Title: Over the Air, Under the Radar. Attacking and Securing the Pixel Modem. #blackhat: 3:20 pm Weds (Oceanside C). #defcon: 1:00 pm Fri (Track 2)
Farzan Karimi@jumpycastle·
Come see our Android Red Team's review of the Pixel modem at DEF CON. We'll be demoing a full PoC of OTA RCE (all patched). Talk title: Over the Air, Under the Radar. defcon.org/html/defcon-31…
Farzan Karimi@jumpycastle·
Excited to announce our #Android #RedTeam was accepted to speak at both #BlackHat USA and #defcon31. We will be presenting "Over the Air, Under the Radar" covering attack surface we identified and mitigated on cellular comms. Stop by if you're there! blackhat.com/us-23/briefing…