I did it! 🙌
What an amazing crowd! Thank you so much to everyone who showed up to watch my keynote. The room was packed!
If you want to chat or say hi and can’t find me, visit me at my book signings tomorrow and Saturday. :)
As I was lying in bed with a cold yesterday, I felt like I should use that time to create a cute little cheatsheet on ARM assembly basics for you guys. Enjoy! 🖤
The first version of my ARM Assembler is finally finished! 🖤
AZM - Live ARM Assembler and Syntax Checker:
- Supports most 32-bit ARM and 16-bit Thumb instructions
- Automatic assembly of instructions as you type
- Marks zero-bytes in output as you type
My hobbies include
- Not speaking to anyone for days
- Shouting at my computer
- Taking on a million projects, then complaining about how busy I am
- Hating Linux for being a god damn b*tch
- Listening to the same songs I’ve been listening to for 10 years
Apple: we’re the most secure OS! No bugs, don’t look.
Corellium: *provides researchers with a proper research environment to find bugs and test their apps*
Researchers: *find and report bugs using Corellium*
Apple: no no no no nooo NO 😱 *sues Corellium*
✨Big Announcement✨
After almost one year of building, preparing, and operating successfully but quietly, I am proud to finally tell you that I am ...
Launching my new company!
I promised a training page with weird design attempts so here it is:
Exciting news! My book is finally 100% finished and in production. The release date is scheduled for May 2023! 🥳
I’ll make an official announcement with the exact date and pre-sale links as soon as I get them.
Omg you guys.
Remember when I put my Arm Assembly cheat sheet on a Teespring joggers/pants template and ordered it for lulz?
It took a while to be delivered from the US but they finally arrived and I’m obsessed. They’re so shiny, I love it. 😆
Self-isolated hackers, assemble!
✨ 3 new tutorials and a new VM for you to play around with:
Lab VM 2.0:
Emulating Router Firmware:
Stack Overflows:
XN Exploit Mitigation and ROP:
Finally! I can share my big news! 🎉
I am thrilled to officially announce that I’m joining @CorelliumHQ in my new role as Chief Product Officer.
Joining the incredible team behind the product I’ve admired for so long is a dream come true. 🤩
✨ANNOUNCEMENT✨
I am incredibly happy to announce that I signed TWO book contracts with Wiley! 🤩
This is a dream come true and I could not be more excited to share it with you. 🤍
So excited, I even created a fancy page and a newsletter for updates.
For Pentesters and CTF players, here’s a list of useful payloads and bypasses, covering various WebApp attacks.
There are a lot of similar GitHub repos out there. What’s your personal favorite?
Sooo I’m going to release an online in-browser ARM assembler that:
- checks your assembly for syntax errors,
- highlights those syntax errors,
- shows the opcodes for each instruction to check for bad chars
...AS YOU TYPE. 🤓
Probably tomorrow or some time this week.
Kthxg8 🌙
Some of you know that I like to use “art” as a coping mechanism when I feel anxious or bored.
This year’s been rough so guess what.
Brand new Armv8 / AArch64 Assembly Cheatsheet ✨
You can download it for free by setting the price to $0:
Enjoy <3
For newcomers & everyone who constantly gets stuck when trying to learn a new skill but gets distracted. My thoughts on deliberate practice and deep work; an attempt to help.
“The Importance of Deep Work & The 30-Hour Method for Learning a New Skill.”
Finally, Azeria-Lab-VM v1 is ready for download:
VMware image, OS: Ubuntu, QEMU running ARMv6, ready-to-play.
Here are some root-me ARM exploitation challenges:
I also included a quick guide on how to get started:
Brain Hack:
How to trick your brain into learning something new, faster & more effectively.
1. Tell yourself you are going to only focus on it for the next 45min, with high intensity.
2. Once you're done, stop everything and enter deep rest mode.
What this does to your brain:
When I get sad, I read ARM manuals and books until I find knowledge gaps and feel happy that I learned something new. I’m fucked up, I know, but hear me out.
It’s 1am and I just learned how to switch Endianness on ARM:
setend be        @ CPSR.E = 1: data loads/stores are now big-endian
ldr r0, [r1]     @ word at [r1] is read big-endian into r0
setend le        @ CPSR.E = 0: back to little-endian data accesses
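Since the tweet only shows the three instructions, here is an added host-side model (not the author's code) of what they do: SETEND flips CPSR.E, which changes how a subsequent data load assembles bytes into a register, and nothing else. The four sample bytes are constructed for the example, and `cpsr_e` stands in for the real CPSR.E bit. SETEND exists only in AArch32 and affects data accesses, not instruction fetch, so the code after it keeps executing normally.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: the four bytes sitting in memory at the address held in r1. */
static const uint8_t sample_mem[4] = {0x11, 0x22, 0x33, 0x44};

/* Word load as performed with CPSR.E = 0 (little-endian data):
 * the first byte in memory is the least significant byte of the register. */
uint32_t load_word_le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Word load as performed with CPSR.E = 1 (big-endian data, i.e. after SETEND BE):
 * the first byte in memory is the most significant byte of the register. */
uint32_t load_word_be(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Model of `ldr r0, [r1]` under a given CPSR.E value. The bytes in memory never
 * change; only the way they are assembled into the destination register does. */
uint32_t ldr_word(const uint8_t *r1, int cpsr_e) {
    return cpsr_e ? load_word_be(r1) : load_word_le(r1);
}

/* The tweet's sequence (setend be / ldr r0,[r1] / setend le) on the sample bytes.
 * Returns the value that ends up in r0; CPSR.E is restored to 0 afterwards. */
uint32_t tweet_sequence(void) {
    int cpsr_e = 0;                              /* reset state: little-endian data */
    cpsr_e = 1;                                  /* setend be */
    uint32_t r0 = ldr_word(sample_mem, cpsr_e);  /* ldr r0, [r1] */
    cpsr_e = 0;                                  /* setend le */
    return cpsr_e == 0 ? r0 : 0;                 /* sanity: E bit is back to LE */
}

int main(void) {
    printf("ldr with CPSR.E=0: 0x%08x\n", ldr_word(sample_mem, 0));
    printf("ldr with CPSR.E=1: 0x%08x\n", ldr_word(sample_mem, 1));
    printf("tweet sequence -> r0 = 0x%08x\n", tweet_sequence());
    return 0;
}
```

The practical check this gives you when reversing or writing shellcode: a big-endian load of the same bytes is exactly the byte-swap of the little-endian load, so a SETEND in unfamiliar code is a hint that the following loads and stores are operating on big-endian data (network byte order, for example) without any explicit REV instructions.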
Looks like Arm wrote me a Cease and Desist letter to take down my domain “” advertising my book on Arm assembly internals and RE because apparently I’m infringing on copyright by using the word “Arm” even tho I literally refer to their architecture?!
For everyone who wants to level up their C skills:
Project Based Tutorials in C -
A list of tutorials that work towards the making of small to large projects in C.
I’ve decided to write up one of the iOS exploits in a new series, walking through each step of the underlying exploit development process.
Hope these posts will be more accessible for ppl trying to learn exploit dev and understand how exploit devs think.
Time for another scammer story!
An Indian dude called Amartya Tagore (@AmartyaTagore) thought it would be a good idea to steal my code & graphics, and pretend to sell my courses.
Too bad that my website code is self-written obfuscated JS with little detection easter eggs.
My god, where is this flood of new followers coming from?!
Disclaimer: Beware the nerd.
If you’re not into ARM-based mobile/IoT exploitation and reverse engineering or nerdy assembly language stuff, you won’t like my tweets. Lots of nerdy technical stuff planned for next year ✌🏼
To make it a little easier for you to get started with ARM exploitation, I compiled some small buffer overflow challenges to play around with and created a quick guide. All you need to do is follow the instructions and start tinkering around. Have fun 🖤
Continuing the iOS exploit development series:
Part 1: Heap Exploit Development:
Part 2: Heap Overflows and the iOS Kernel Heap
✨NEW: Part 3: Grooming the iOS Kernel Heap
NEW blog post for beginners and anyone who feels lost when trying to learn a new skill:
Part 1: The Paradox of Choice -
Learning new skills in InfoSec without getting overwhelmed.
Next part will be about distractions and how to stay focused.
We all pretend to *know* Linux, but in reality we just memorize a heap of bash commands and hope it doesn’t implode into a tty1 login jail without network interfaces to fix the dependency hell we got into.
Finally! My new book "Arm Assembly Internals & Reverse Engineering" is up for pre-order!
Save the date for the official launch on May 9th.
Can't wait for you to dive into the world of Arm Assembly!
Check out the official book website for more info:
Today I’m finally starting my dream job! 🥂
Being the Chief Product Officer of my favorite Arm security research product is a dream come true.
I’m a creative person who loves technical challenges and thrives on strategic planning. This role has it all. :’)
Don't be afraid to write ur own blog or share ur knowledge in your own way just because you're scared of what people are going to say about you. People will judge you no matter what. Think of those who’ll benefit from your experience, not those who expect everything to be elite.
Lost 50 followers who identify as white supremacists in one hour. 💪🏼
I’ll repeat it again for the racists in the back:
You’re making black people’s lives a constant struggle. There is NO EXCUSE for being racist. NONE.
It’s 2020. Get a brain, snowflake.
I regularly get DMs from ppl struggling to learn a new skill bc they’re overwhelmed.
The struggle is real. I’ve been there. Here’s how I overcame it:
The Paradox of Choice:
Deep work:
Mastering a skill:
Yesterday I finally received the poster print of my new Arm assembly cheat sheet and it turned out so much better than expected 🤩
If you also want to decorate your room with some fancy assembly, you can get the poster on Teespring. \o/
Poster Print:
I admit, it’s surprising to hear offensive InfoSec folks talk about how they “accidentally” worked for or were in the process of being recruited by UAE intelligence.
I rejected ~$1mio worth of mobile exploitation training requests from the Middle East without a second thought.
How to get free marketing for your new product:
Step 1: claim it’s unhackable.
Step 2: wait for the InfoSec community to lose their shit & share it widely.
Step 3: wait for tech journalists to write a piece about it.
Step 4: goto step 1
Win.
The term “Black Hat” comes from the depiction of a mysterious hacker that stays in the dark, wearing black to avoid drawing attention.
It refers to the color of a hat, not the hacker’s skin color.
Part 2 of my Heap Exploitation series is finished! ✨
Part 2: Understanding the Glibc Heap: Free, Bins, Tcache:
In case you missed Part 1: Understanding the Glibc Heap - Overview and Allocation Strategies:
Dropping the first part of the Heap Exploitation series today.
The heap is a beautifully complex construct. Yet most heap exploitation tutorials assume it to be common knowledge, thus making it unnecessarily hard to understand.
So I’ll start the series with an intro to the heap
VOGUE Germany interviewed me for their Business issue! Achievement unlocked. 🤩
I absolutely hate the picture they chose but who cares I’M IN VOGUE BITCHEES ✨✨
Overwhelmed by all the support I’m receiving from the community. 🥹🙏🏼
As a small thank you, I made all my high-resolution Arm assembly cheat sheets available for free 💙
Get them here:
WFH - Azeria Edition
Quarantine day *checks calendar* 39.
Upgraded my workstation to keep me inside for as long as possible.
Intel i9-9960X CPU
64GB RAM
GeForce RTX 2080
43” monitor
I’m ready to stay inside until the end of time.
I'm still getting many DMs asking how to learn Arm assembly and firmware exploitation and I'm DYING for my book on A32 and A64 reversing to be finally published. 😩
So in the meantime.. I'm pinning this thread with tutorials that help you get started on firmware exploitation.
Finally managed to get ARM64 Ubuntu and Arm-based Windows VMs running on the M1.
If you have a MacBook M1 and are frustrated that you can’t run VMs because VMware Fusion or Parallels don’t officially support it yet, here’s how you can do it anyway.
Since this year has been a hit in the face for all of us, let's burn it down and start celebrating the new age of ARM-based devices.
To kick it off, I am giving away 2020 free downloads of my ARM 32-bit assembly language cheat sheet!
“Ghost in the Shell” themed conference, they said.
Very well. Time to go all in and put on Le Cyber Pants! This fox has a suitcase full of cyber outfits! 😈 🤖
Upon popular demand, @gabsmashh and I are finally sharing our secret to fame and glory!
So you want to be well-known and respected in infosec? Easy!
1. Be an “attractive-looking woman”
2. Bamboozle men with selfies
3. Most importantly: make-up, CONTOUR!
Here is a tutorial:
I don't know who needs to hear this (me lol) but you are not defined by your performance and the ridiculously high standards and unrealistic expectations you set for yourself.
Get yourself a partner who loves you for the weirdo that you are and serves you a custom print of the Armv9 architecture supplement with an A5 Wagyu steak.
I wanted to learn reverse engineering. Then I thought, everybody does x86, so why don’t I do ARM instead. Given the market share of ARM processors, I found it utterly surprising that the vast majority of RE resources are focused on x86, so I created Azeria Labs to fill the gap.
Exciting daaay! Today I have the honor to present my 80-page thesis on Arm exploit mitigation bypasses and TrustZone attacks in front of @Arm engineers in Cambridge. ✨👩🏼💻
Great news! She survived and I was finally allowed to take her home today. =)
She needs to take lots of pills since she’s still recovering from surgery (getting two organs removed), but she’s happy. ♥️🦊
If you want to learn how to write a reverse shell in ARM Assembly + corresponding Yara rule, and have 7 minutes of time, here you go. 20 slides, 20 seconds per slide. Challenge accepted and successfully completed. :)
BREAKING: Apple lost their lawsuit against @CorelliumHQ!
The judge threw out Apple’s claims that Corellium had violated copyright law with its software, which helps security researchers find bugs and security holes on Apple’s products.
The slides for my Arm Research Summit keynote “Hacker Nightmares — How to give Hackers a Headache with Exploit Mitigations”
... are uploaded and available here:
Video will be uploaded to YouTube in the next couple of days. :)
#NewProfilePic
Me at conferences:
20% being excited to meet people
20% attending talks
20% looking for snacks
40% hiding away with my laptop and recovering from introvert hangover
I uploaded the slides of my @roadsec Keynote “The Paradox of Choice - How to thrive in an industry with too many possibilities”:
More detailed blog posts about the topics I covered will follow in the upcoming days/weeks. 🖤
Azeria Labs is back up 🙏🏼
I’m still upset about handing over my other domains, and discarding my plans for them. After all I’ve done for Arm, I expected them to go about this more respectfully and with some decency.
Update: my blog is currently blocked due to the C&D.
It’ll (hopefully) be back up once this has been resolved and I’ve transferred all my Arm-related domains to @Arm.
Though I am upset about the impatience despite my willingness to cooperate.
Workshop successfully completed! From Zero to ROP chains in one day. The shells just kept popping and I’m so proud of them. 🤩
Thank you #bluehatv18!
I’m exhausted, but happy.
Only 1.5 chapters remaining until my book is finally done. I’m at >450 pages so far & it’s likely going to be ~600.
Y’all. Hundreds of hours and several breakdowns went into this. I can’t wait for it to be finished and hope you appreciate the sweat and tears that went into it.