The following is a list of presentations made by our STAR Labs Cyber Security researchers.

2023

A Year Fuzzing XNU Mach IPC

  • Date: 13th to 14th October 2023
  • Author: Peter NGUYỄN Vũ Hoàng
  • Event: Hexacon 2023
  • References: Presentation

Ghosts of the Past: Classic PHP RCE Bugs in Trend Micro Enterprise Offerings

  • Date: 18th to 19th August 2023
  • Author: POH Jia Hao
  • Event: HITCON CMT 2023
  • References: Presentation

What You See IS NOT What You Get: Pwning Electron-based Markdown Note-taking Apps

  • Date: 18th to 19th August 2023
  • Author: LI Jiantao
  • Event: HITCON CMT 2023
  • References: Presentation

Unearthing Vulnerabilities in the Apple Ecosystem The Art of KidFuzzerV2.0

  • Date: 19th to 20th May 2023
  • Author: PAN Zhenpeng
  • Event: Offensivecon 2023
  • References: Presentation

2022

How to Backup and Pwn using Time Machine

  • Date: 10th to 11th November 2022
  • Author: NGUYỄN Hoàng Thạch
  • Event: POC 2022
  • References: Presentation

The Journey To Hybrid Apple Driver Fuzzing

  • Date: 10th to 11th November 2022
  • Author: PAN Zhenpeng
  • Event: POC 2022
  • References: Presentation

All Roads leads to GKE’s Host : 4+ Ways to Escape

  • Date: 11th to 14th August 2022
  • Author: Billy JHENG Bing-Jhong & Muhammad Ramdhan
  • Event: Defcon 30 2022
  • References: Presentation
  • Alternative Link: Presentation

A journey of hunting macOS kernel vulnerability

  • Date: 21st to 22nd April 2022
  • Author: Peter NGUYỄN Vũ Hoàng
  • Event: Zer0Con 2022
  • References: Presentation

An Introduction to Manual Source Code Review

  • Date: 6th Apr 2022
  • Author: POH Jia Hao
  • Event: NUS GreyHats Security Wednesday
  • References: Presentation

A case study of an incorrect bitwise and optimization in V8

  • Date: 6th Apr 2022
  • Author: Lucas TAY
  • Event: NUS GreyHats Security Wednesday
  • References: Presentation

2021

VM Escape Case Study VirtualBox Bug Hunting and Exploitation

  • Date: 4th to 5th December 2021
  • Author: Muhammad Ramdhan
  • Event: Indonesia IT Security Conference 2021
  • References: Presentation

The Great Escape - A Case Study of VM Escape and EoP Vulnerabilities

  • Date: 26th to 27th November 2021
  • Author: Billy JHENG Bing-Jhong & Muhammad Ramdhan
  • Event: HITCON 2021
  • References: Presentation