-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathideas.txt
18 lines (18 loc) · 1.43 KB
/
ideas.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
o think of what a training course would teach
o think about the psychology of software development
x look up references i) that focussed POCs lead to adjacency issues ii) most exploitation comes after the 0 day is released
- @gpzpolicy2020 https://googleprojectzero.blogspot.com/2020/01/policy-and-disclosure-2020-edition.html
- @RR-1751-RC Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits
o talk about ethics
o explain what is a 0 day
x find aleph zero stack for profit article
- @alephsmashstack Smashing The Stack For Fun And Profit
o explore exploit db and searchspoilt and pick up the 132 examples in ios
o have a section on exploring the sandbox from eclecticlight.co
x create a .bookbuilder file which is actually a json, and have the Book Builder app be an document based app.
o describe how we setup our orange and red machine
o discuss procexp tool p352 of levin and show it for sandboxbroker
o describe the analysis technique of macos ios simulator for blastdoor like bug https://blog.zecops.com/research/the-recent-ios-0-click-cve-2021-30860-sounds-familiar-an-unreleased-write-up-one-year-later/
o for mitigations, read SiguzaMitigations.pdf from https://blog.siguza.net
o for ideas on work exercises and walkthroughs, see high altitude hacks
o explore research done via graphQL based on the book; https://twitter.com/0x3C3E; https://github.com/0x3c3e/slides/blob/main/2023/zer0con/slides.pdf