Eating 0days for breakfast

Doing what you believe in, and going after your dreams will only result in success. - Anonymous

Our company is a leader in the cybersecurity industry, specializing in code auditing and vulnerability assessment through advanced techniques such as source code analysis and fuzzing. We have invested significant time and resources into building advanced fuzzing tools, including harnesses, mutators, and emulators, and developing automated, scalable tooling to identify security flaws. We are committed to improving public tooling and ensuring the security of widely deployed software and software with large user bases.

In addition to our core services, we have also helped deliver advanced web hacking training courses to further educate and advance the skills of professionals in the cybersecurity industry. Our team of experts is skilled in vulnerability research and zero-day exploit development, and we regularly participate in hacking competitions and bug bounty programs. We focus on discovering and addressing bug classes that could lead to pre-authenticated remote code execution, local privilege escalation, and sandbox escape/bypasses. When vulnerabilities are discovered, we work collaboratively with affected vendors to notify the public through advisories and actively participate in remediation efforts.

We also conduct innovative research and development of new exploitation techniques and mitigation bypasses. Our technical reports provide in-depth analysis and descriptions of the root cause of any identified security bugs, helping affected vendors understand the issue and take steps to address it.

News

MSRC 2023 MVR Office Security Researcher Leadboard

MSRC 2022 Q1 Security Researcher Leaderboard

MSRC 2022 Q3 Security Researcher Leaderboard

Andoird hacking

Excited to share an incredible experience from the recent hardwear.io - Hardware Security Conference and Training #HardPwn USA 2023. A huge thanks to Antriksh Shah for organizing such a great event and the Google hails record haul of device vulnerabilities write up on the hardwear website!


During our exploration, we reported a total of 9 vulnerabilities in Android OS and Google's firmware. This list included numerous logic/memory corruption bugs, including local privilege escalation (LPE) and remote execution (RCE) issues.


This event was a prime opportunity to demonstrate how crucial it is to probe not only software but also cover hardware.

Furthermore, congratulations to all the other researchers who participated and Google with the triaging and answering questions. Can't wait for HardPwn Netherlands!