• Home
  • About
    • k0ss security photo

      k0ss security

      The goal of this blog is to help advance the state of offensive netsec by giving walkthroughs not just of security flaws I've found, but how I found them as well.

    • Learn More
    • Twitter
    • LinkedIn
    • Github
    • StackOverflow
  • Posts
    • All Posts
    • All Tags

All Posts

  • FirstClass 0day Release (Part 2)

    ...and then an arbitrary file overwrite turned into code execution and persistent backdoor.

    Read More
  • FirstClass 0day Release (Part 1)

    It all started when I learned that you could create a settings file for someone by having them click on a specially formatted FCP:// URI link.

    Read More