~ /ready-to-go $

5o1z_

The deeper you look, the less anything is as it seems — security is just philosophy with a debugger.

Featured

Heap Exploitation: Getting Started

Published date: 8 May, 2025

You will see the world is so big when you learn heap. A beginner-friendly walkthrough of the glibc heap: chunks, bins (fastbin, tcache, unsortedbin, smallbin, largebin), unlinking, consolidation, and remaindering.

[3/ 3]

CVE-2023-3079: V8 Inline Cache Type Confusion

Published date: 13 Apr, 2026

A logic bug in V8's Inline Cache subsystem that leads to type confusion via incorrect element kind handling for JSArgumentsObject, enabling hole leak and arbitrary read/write.
[PWN COLLEGE] - V8 Exploitation Part 2

Published date: 18 Jan, 2026

Continuing the V8 Exploitation journey — pwn.college Browser Exploitation levels 4–6: setLength OOB, offByOne abusing fast-properties, and functionMap type confusion.
[PWN COLLEGE] - V8 Exploitation Part 1

Published date: 2 Jan, 2026

New journey into V8 Exploitation — pwn.college Browser Exploitation levels 1–3: environment setup, ArrayRun, GetAddressOf / ArbRead32 / ArbWrite32, GetFakeObject, and JIT spraying.