Unlocking qualcomm bootloader

局域网p2p视频聊天

Android kernel exploit for CVE-2025-38352, previously exploited in-the-wild. Targets vulnerable x86_64 Linux kernels v5.10.x.

✅Browser ❌Cloudflare ✅Host — Generator of customized Cloudflare error pages (unofficial)

This repository contains the tools we used in our research on the Google Titan M chip

Depix is a PoC for a technique to recover plaintext from pixelized screenshots.

Writeup and exploit for CVE-2025-22441: Privilege escalation from installed app to SystemUI process on Android due to pass of untrusted ApplicationInfo to LoadedApk

Writeup and exploit for CVE-2024-49746: Android's Parcel::continueWrite closing File Descriptors that are later used

Writeup and exploit for CVE-2024-34740, integer overflow in Android's BinaryXmlSerializer to system_server file write and then to system_server code execution from normal installed app

A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)

CVE-2025-21479 proof-of-concept, I think

A next-generation frontend framework designed for MtF-wiki, based on Next.js.

铁路车站代码查询 × 动车组交路查询

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.

基于Memprocfs和Volatility的可视化内存取证工具

Fuzzing harness for testing proprietary image codecs supported by Skia on Android

云小智 - 一款全面的校园教务查询微信小程序。包括课表查询、成绩查询、校历、一键评教、考试安排、成绩排名、空教室查询等

精读鸿蒙内核源码,百万汉字注解分析;百篇博客深入解剖,挖透内核地基工程.注解同步官方,工具文档齐全,多站点发布 . weharmonyos.com

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.

一些杂七杂八的笔记。

跨性别中文数字档案馆与资料库

aosp sources without prebuilts

pinduoduo backdoor

乌云网站已经离我们而去，可能再也不会回来了！谨以此纪念乌云！

Android Emulator with Newest Security Patch

The Leading Security Assessment Framework for Android.

The Android Agent for the Drozer Security Assessment Framework.

Files related to the Pwn2Own Toronto 2023 exploit against the Xiaomi 13 Pro.

PoC of CVE-2022-20474