Specialties
IoTFirmwareExploit Dev
Publications
CODE BLUE 2025 · 2025
Dancing with Exynos Coprocessor: Pwning Samsung for Fun and "Profit"
Attacking Samsung devices through the Exynos coprocessor — a deep dive into an underexplored attack surface.
DEF CON 30 · 2022
All Roads Lead to GKE's Host: 4+ Ways to Escape
Four distinct escape paths from Google Kubernetes Engine pods to the underlying host — a study in how container isolation assumptions break down.
IDSECCONF 2021 · 2021
VM Escape Case Study: VirtualBox Bug Hunting and Exploitation
A practical case study in hunting and exploiting VM escape vulnerabilities in VirtualBox.
HITCON 2021 · 2021
The Great Escape: A Case Study of VM Escape and EoP Vulnerabilities
Chaining VM escape and elevation-of-privilege vulnerabilities into a full compromise — a case study from competition and research.