CVSSv2: 7.6

CVE-2019-0567

Published: 08/01/2019 Updated: 24/08/2020
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 767
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568.

Vulnerable Products

microsoft chakracore
microsoft edge

Exploits

NewScObjectNoCtor and InitProto opcodes are treated as having no side effects, but actually they can have via the SetIsPrototype method of the type handler that can cause transition to a new type. This can lead to type confusion in the JITed code. In the PoC, it overwrites the pointer to property slots with 0x1000000001234. PoC for NewScObjectNo ...
Microsoft Edge has an issue where NewScObjectNoCtor and InitProto opcodes are treated as having no side effects, but actually they can have via the SetIsPrototype method of the type handler that can cause transition to a new type. This can lead to type confusion in the JITed code ...

Github Repositories

Collection of STEM articles and tidbits you can read over a lunch break.

Awesome Reading List. "First – I'm very tired of posts that complain about how people are "wrong" about how a given piece of technology works without explaining why it's helpful to be "right"" --Julia Evans. Articles, blog posts, web apps, videos, and other tidbits of STEM related awesomeness that can be read over a

Chakra Type Confusions - PoCs of Edge's legacy JS engine vulnerabilities that inject code into the JIT process

Chakra Type Confusions. This repository contains PoCs for type confusion vulnerabilities in the ChakraCore engine used by Microsoft Edge (EdgeHTML version, not Chromium-based Edge). The PoCs inject dummy code (specifically an int 3 followed by nop) into a Just-In-Time (JIT) compilation process. To verify the PoCs, attach a debugger to a JIT compilation process (one of the Micros

A POC of a type confusion bug in chakracore framework that leads to code execution.

Chakra-CVE-2019-0567. A POC of a type confusion bug in chakracore framework that leads to code execution. Following from Connor McGarr's blog connormcgarr.github.io/. NOTE: The offsets and ROP gadgets depend on the Windows version you use, so it might not work for you. If you compare my code to Connor's POC, you will see that most of the offsets are different. Tha

EXP-401: Advanced Windows Exploitation - OSEE Certification. This repository is dedicated to my self-study journey towards the Offensive Security Exploit Expert (OSEE) certification. I am planning to attend the course in 2025 or 2026, and this is part of my preparation. I believe in the power of open learning and therefore, I am sharing the materials that I am using for my studi

browser security

awesome browser security. Exploit: Attacking JavaScript Engines in 2022. Experience: Bug bounty hunter to working at Microsoft. JavaScriptCore Fundamental: Speculation in JavaScriptCore--slide; A New Bytecode Format for JavaScriptCore--slide; Profiling in JavaScriptCore; JavaScriptCore Internals Part I: Tracing JavaScript Source to Bytecode; JavaScriptCore Internals Part II: The LL