I finally took the time to distill my key research projects on my website with diagrams and artifact links. I'm really proud to have led and worked on so many exciting and challenging projects across the firmware, systems, and mobile security spaces. hernan.de/research/

This is incredible!

The most challenging part of writing "The Secret Life of Circuits" wasn't the writing process. It was crafting over 290 full-color illustrations on my own design. I think they set the book apart. For a no-strings-attached sample chapter, check out: lcamtuf.coredump.cx/electron…

Pretty sweet WASM emulator! Quite nostalgic to see ancient Android UI copy.sh/v86/?profile=android

A little warm

Not even half way through March this guy declares manual CTFing dead because he got 1st place for 2026 on CTFTime through volume 😂 Here's the CTFs he's played in this year: ctftime.org/team/248318 CTFTime scoring model and voting system has as long as I can remember been very subjective (i.e. broken). This is giving "XBOW is the best hacker on HackerOne" energy. But lest I be accused of "cope" yeah I agree A.I. has permanently altered the meta and there's no going back. I'm out of the game these days but I have nostalgia for my active seasons of playing, challenge writing, and hosting CTFs before the "A1"

Pretty interesting SIP SDP vulnerability that uses a stack clash as the trigger. SIP headers are tricky to get right which makes this PoC cool. What's most interesting to me is that you can just execute shellcode after corrupting a function pointer. I have not done VR for UNISOC so this comes as surprise to me given other modem vendors have worked to eliminate RWX sections (not always successfully I might add). The next question I have is would this payload even survive transiting various carrier networks, each of which may have their own weird IMS infrastructure configurations