Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native shellcode using this one weird trick -- exploiting the V8 engine of a vulnerable trusted application.

Operationalizing browser exploits to bypass Windows Defender Application Control (WDAC) | IBM

Previously discovering a method for bypassing even the strictest WDAC policies by backdooring trusted Electron applications, the IBM X-Force Red te...

The past year has been amazing. From marriage, to Pwn2Own to a Pwnie Award, I'm so grateful. I'm using the money I've won from hacking competitions, bounties, & RB for two ppl to travel & attend Hexacon, the premier offensive security con in Paris, France.

Google Docs

Hexacon Scholarship Application

chompie wants YOU to go to Paris for Hexacon. Fill out this form to apply! Applications will close August 31, 2024 at 11:59pm EST