Google Project Zero |
https://googleprojectzero.blogspot.com/p/about-project-zero.html |
Code Complete |
Code Complete. Second Edition. 1st Series 0735619670. Microsoft Press. |
Why I Love and Don't Love Offensive Work |
https://www.youtube.com/watch?v=8QRnOpjmneo |
The Road to Zero GitHub |
https://github.com/faisalmemon/the-road-to-zero |
Exploit Database Git Repository |
https://github.com/offensive-security/exploitdb |
A Programmer's Guide to the Mach System Calls |
A Programmer's Guide to the Mach System Calls by Linda R. Walmer and Mary R. Thompson, Carnegie-Mellon University, 1988. |
Mach |
Mach Concepts by NeXT Computer, Inc. 1995. Mirror Website |
*OS Internals |
*OS Internals by Jonathan Levin |
Entitlements Cross-Reference |
Entitlements Cross-Reference by Jonathan Levin |
MobileSafari Share Vulnerability |
https://blog.redteam.pl/2020/08/stealing-local-files-using-safari-web.html |
iOS Version History |
iOS Version History |
Security Content of iOS 13.6 |
HT211288 About the security content of iOS 13.6 and iPadOS 13.6 |
Common Weakness Enumeration (CWE) |
Common Weakness Enumeration |
History of iOS Mitigation Techniques |
A Look at Modern iOS Exploit Mitigation Techniques.pdf by Luca Todesco @qwertyoruiopz |
Jails: Confining the omnipotent root |
Jails: Confining the omnipotent root. |
Evolution of iOS Mitigations |
Evolution of iOS Mitigations |
AArch64TargetParser.def |
LLVM AArch64TargetParser.def |
Memory Tagging Extension (MTE) |
Memory Tagging |
KPP Tick-Tock |
KPP Tick-Tock |
KTRR |
KTRR Kernel Text Read-Only Region |