Specialties
Linux Kernel · Virtualization · Exploit Dev
Publications
CODE BLUE 2025 · 2025
AI Accelerated Exploiting: Compromising MTE Enabled Pixel from DSP Coprocessor
Using AI to accelerate exploit development against MTE-hardened Pixel devices, attacking via the DSP coprocessor.
CODE BLUE 2025 · 2025
Dancing with Exynos Coprocessor: Pwning Samsung for Fun and "Profit"
Attacking Samsung devices through the Exynos coprocessor — a deep dive into an underexplored attack surface.
HITCON 2025 · 2025
Cracking the Pixel 8: Exploiting the Undocumented DSP to Bypass MTE
How an undocumented DSP attack surface on the Pixel 8 becomes a path to bypassing Memory Tagging Extension.
POC 2024 · 2024
GPUAF: Two Ways of Rooting All Qualcomm-based Android Phones
GPUAF — two independent exploitation paths to root any Qualcomm-based Android device via the GPU attack surface.
DEF CON 30 · 2022
All Roads Lead to GKE's Host: 4+ Ways to Escape
Four distinct escape paths from Google Kubernetes Engine pods to the underlying host — a study in how container isolation assumptions break down.
HITCON 2021 · 2021
The Great Escape: A Case Study of VM Escape and EoP Vulnerabilities
Chaining VM escape and elevation-of-privilege vulnerabilities into a full compromise — a case study from competition and research.