Day[0]

A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the

Episodes

Total: 267

Buggy Browsers, Heap Grooming, and Broken RSA?
2021/3/9

This week we get to take a look into some basic heap grooming techniques as we examine multiple heap

BlackHat USA, Pre-Auth RCEs, and JSON Smuggling
2021/3/2

This week we talk a bit about newly released Black Hat 2020 and NDSS 2021 presentation videos, befor

PDF Exploits, GPGME Making Mistakes EZ and Favicon Tracking
2021/2/23

A couple privacy violations, PDF exploits, and a complicated API being misused by developers. [00:0

Industrial Control Fails and a Package disguised in your own supply
2021/2/16

"Beg Bounty" hunters, dependency confusion, iOS kernel vuln, and how not to respond to security rese

MediaTek BootROM Broken, Free Coffee, and an iOS Kernel Exploit
2021/2/9

A lot of discussion this week about OSS security and security processes, an iOS kernel type confusio

OSED, North Korean hackers, NAT Slipstream 2.0, and PGP (in)security
2021/2/2

Starting with a long discussion about the North Korean hackers targeting security reseachers, and so

Snooping YouTube History and Breaking State Machines
2021/1/26

This week is a shorter episode, but still some solid bugs to look at. From a full chain Chrome explo

Breaking Lock Screens & The Great Vbox Escape
2021/1/19

Several lockscreen-related vulnerabilities this week, a cross-site leak,  and the hijacking of

Universal Deserialization, Stealing Youtube Videos, and CTFs
2021/1/12

A new universal deserialization gadget for Ruby, a Rocket.Chat SAML auth bypass, and some heap explo

Hacking Nintendo 3DS, Apple vs Corellium, and Android Bugs
2021/1/5

An update on Apple v. Corellium, some 3DS vulnerabilities, and some drama on this weeks episode. [0

Fireeye, PS4 exploit, and MacOS LPE
2020/12/15

Big news this week as several government agencies and contractors may have been compromised. We also

Rooting iOS, Hacking with cURL, and the end of Use-After-Free
2020/12/8

Some solid exploit development talk in this episode as we look at an iOS vuln, discuss the exploitab

Bad Blocklists, Legal News, and Windows Vulns
2020/12/1

More SD-PWN, more Tesla hacks, potential RCE in Drupal, and a couple windows vulns. [00:00:27] Congr

Jailbreaks, Stealing Playstation Accounts, and Automatic Exploit Generation
2020/11/24

This week we talk a bit about some Black Friday deals before jumping into another SD-WAN pwn, some j

Hacking Voatz and Rooting Ubuntu
2020/11/17

Some interesting tips and tricks as we look at multiple privileges escalations from XNU to Ubuntu, B

Pwn2Own, Tianfu Cup, and Other Hacks
2020/11/10

A Facebook DOM-based XSS, Rocket.chat and Github Actions RCEs, and a Brave Browser information discl

A Look At OSEP, Hacking Metasploit and the Legal Risks of Research
2020/11/3

This week we are joined by CTS to discuss fuzzing. We also take at PEN-300/OSEP. Before jumping into

Low-cost Penetration Testing, High Performance Fuzzing and Github RCEs
2020/10/27

A lot to cover in this episode, from high performance fuzzing on GPUs, to low-cost pentesters, and A

Some Discord, a Bad Neighbor and a BleedingTooth
2020/10/20

It has been a while since we had an exploit extravaganza but here we are. Several binary-level issue

Breaking into HashiCorp Vault, Apple and Google
2020/10/13

Its a web-exploit heavy episode impacing Apple, Hasicorp, Azure, Google, and even a DOMPurify Bypass