Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOSCritical zero-click vulnerability chain in macOS (patched)Sep 122Sep 122
Alias file to rule them all — One click code execution with alias file in macOSSummary (TL;DR)Apr 25, 2023Apr 25, 2023
Published inSensorFuEscaping from a truly air gapped network via Apple AWDLIn the following post I go through how to escape from a truly air gapped network using Apple Wireless Direct Link -network and leveraging…Aug 3, 20211Aug 3, 20211
Published inSensorFuTest for network leaks, discover a product flaw and get vendor to fixPlot twist: this time it is not about us doing vulnerability research and reporting. This is a story about our customer in action, told to…Dec 14, 2020Dec 14, 2020
Published inSensorFuHow my application ran away and called home from RedmondI recently found a surprising leak vector in Windows 10 installations. We were porting our Beacon to Windows and for easy deployment…Oct 7, 20193Oct 7, 20193
Published inSensorFuSensorFu Beacon How To: 3 steps to always know if your isolated Linux leaksWhen you need to build isolated and strictly restricted Linux environments for special purposes you want to know it truly is and stays…Feb 20, 2019Feb 20, 2019
Published inSensorFuWhy Ethernet Broadcast Escape Tests MatterWe recently implemented a network escape to SensorFu Beacon that uses Ethernet broadcasts. Why? First of all you can test all the hosts in…Mar 2, 2018Mar 2, 2018