b1ack0wl.com

about:
+ b1ack0wl
+ hobbyist 0-day researcher
+ Twitter
+ Github

projects:
+ DVRF
+ Onlive Firmware

blogs:
+ Adding process continuation to an old exploit [collaboration with @azeria]
+ Reversing and Exploiting Embedded Devices
+ Getting started with DVRF v0.1
+

When an N-Day turns into a 0day. (Part 1 of 2)

talk(s):
+ OffensiveCon20 - Don't forget to SUBSCRIBE [bonus material starts @ 33:40]
+ BlueHat Seattle 2019 - Don't forget to SUBSCRIBE
+ DEFCON 24 IoT Village - Reversing and Exploiting Embedded Devices

public exploits:
+ ASUS TM-AC1900 command injection vulnerability via failed patch (post-auth) [metasploit module]
+ Linux Mint 18.3-19.1 'yelp' command injection vulnerability [metasploit module]
+ Miniupnpd <=v2.1 read out-of-bounds vulnerability [python script]
+ F9K1122v1 1.00.30 buffer overflow w/ process continuation [metasploit module]
+ F9K1122v1 1.00.30 Buffer Overflow delivered via CSRF [python script]