In many ways, mobile devices lead the security industry when it comes to defense-in-depth and mitigation. Over the years, it has been proven time and again that the kernel cannot be trusted to be secure. As such, there has been effort put into moving secrets (ie. encryption keys) and other sensitive data out of the kernel and gate it behind an API at higher levels in the chain of trust, whether it be the hypervisor or secure enclaves. In any case, the kernel must have a lot of control over the s
Many resources for learning exploit development focus on specific tricks rather than underlying principles. My roadmap aims to teach the fundamentals of memory corruption to help you grasp modern, complex exploits.
This post has been updated
https://dayzerosec.com/blog/2024/07/11/getting-started-2024.html
Removing the Open Security Training from my recommendations kinda messed with the flow of these recommendations. So it triggered me to rework all the recommendations with updated resources. I'm leaving this post relatively untouched for anyone who was referencing it but I'd recommend the new one for anyone just getting started.
tl;dr The rest of this goes into detail about what topics matter and why fr
Over the last year or so, I've been working with the OpenOrbis team to develop a toolchain for building homebrew for the PS4, and one of the challenges we faced was porting a proper libc to the console. This article dives into some of the interesting lessons learned while porting MUSL to the PS4.