Thoughts, stories and ideas.| Boschko Security Blog
Explore why adversarial examples fundamentally exist & why models are often wrong almost everywhere.| Boschko Security Blog
Locate instantiated PTE by leaking the base address and dynamically using read primitive to retrieve the syscall id.| Boschko Security Blog
Learn how to craft and understand adversarial attacks on AI/ML models through hands-on challenges on Dreadnode’s Crucible CTF platform.| Boschko Security Blog
Master Android malware reversal with ease using Incinerator, your trusted ally in the fight against threat actors for experts and novices alike.| Boschko Security Blog
TP-Link's TDDP programs fail to properly verify data length during parsing, leading to memory structure destruction and denial of service.| Boschko Security Blog
Simplifying the discovery of IoT/ICS 0-days. Revolutionizing embedded systems reverse engineering in a tool for everyone.| Boschko Security Blog
A step-by-step how-to guide to using QEMU in Ubuntu 18.04 to emulate embedded devices.| Boschko Security Blog
Discovered multiple vulnerabilities in the IoT hardware, software, & cloud peripheral applications (CVE-2022-31898 CVE-2022-42055 CVE-2022-42054).| Boschko Security Blog
CVE-2022-40843 CVE-2022-40845 CVE-2022-40847 CVE-2022-40844 CVE-2022-40846 CVE-2022-41395 CVE-2022-41396 CVE-2022-42053 CVE-2022-42058 CVE-2022-42060| Boschko Security Blog
Solving the ATM/Kiosk & Banking software hacking challenges from Positive Hack Days 2022 Payment Village.| Boschko Security Blog
Looking at how signing binaries with leaked Nvidia certificates affect evasion.| Boschko Security Blog
A tale of stealing from botters/boosters & their win-trading accounts.| Boschko Security Blog
Solving the ATM/Kiosk hacking challenges from Positive Hack Days 2021 Payment Village.| Boschko Security Blog
Looking at Pass-back-attacks & how to exploit trust relationships between devices that are generally considered benign.| Boschko Security Blog
How a path across processes can be obtained from PEB's LDR linked list through QueryFullProcessImageNameW under the hood.| Boschko Security Blog
OSCP/eCPPT braindead buffer overflow guide.| Boschko Security Blog