Android technical lead @dfsec_com

Joined January 2009
Pinned Tweet
Here are the slides for my keynote, 'Mobile Exploitation, the past, present, and the future' at #Zer0Con2023. Zer0con was a blast as always, thank you @POC_Crew!! 🚀💫 github.com/externalist/prese…

Ahn Ki Chan retweeted
Our new blog post is live: blog.dfsec.com/ios/2025/05/3…
Ahn Ki Chan retweeted
7 Nov 2024
#POC2024 Ding-Dong 😎 Kicking off with @qwertyoruiopz with Keynote speech. We are fully packed
Ahn Ki Chan retweeted
After 3 years, we finally managed to write our first blog post about a powerful XNU infoleak patched in 17.1 blog.dfsec.com/ios/2023/11/1…
Ahn Ki Chan retweeted
The rounds are on us at the #HEXACON2023 Social Event! DM us your favorite cocktail and we'll do our best to have the top requests available
Ahn Ki Chan retweeted
"In mid-2022, @Google Project Zero was provided with access to pre-production hardware implementing the ARM MTE specification. This blog post series is based on that review, and includes general conclusions about the effectiveness of MTE as implemented" googleprojectzero.blogspot.c…
Ahn Ki Chan retweeted
21 Jul 2023
Sharing another V8 Sandbox design document more widely: docs.google.com/document/d/1… This one discusses how to protect code pointers - probably the most performance sensitive part touched by the sandbox - with (almost) no performance overhead.
Ahn Ki Chan retweeted
🎮PS5 enthusiasts! Specter's talk is here! ⚡Specter @SpecterDev presented the evolving attack surface, modern mitigations like Supervisor Mode Access Prevention (SMAP) etc internal workings of the PS5's hypervisor ▶️youtu.be/HBFDjfmIUis #hw_ioUSA2023 #gamingconsole
Ahn Ki Chan retweeted
19 Jul 2023
Here are my slides from my @0x41con presentation on Apple’s Lockdown Mode: blacktop.github.io/presentat… Enjoy 🎉 ⚠️ Ironically the slides won't load when you have Lockdown Mode enabled 💀 See README for more info here - github.com/blacktop/presenta…
Ahn Ki Chan retweeted
19 Jul 2023
qualys.com/2023/07/19/cve-20… SSH agent forwarding just became even more dangerous. 😂-- leave it to the creative minds at Qualys to turn a series of dlopen() dlclose() calls (of unrelated/benign shared libraries) into arbitrary code exec, hats off!

Ahn Ki Chan retweeted
7 Jul 2023
If you squint hard enough, you'll see you were there! I hope you all had a great time. Till next time! 😎
Ahn Ki Chan retweeted
8 Jul 2023
The @0x41con lives on because of the hardcore diehard fans it gained over the years who offered to organize and keep it alive. It takes time, effort & money to give you the experience for free. Mad props @Simone_Ferrini, @f_roncari, @jndok for hosting the 4th ed. It was amazing!
Ahn Ki Chan retweeted
It was an honour to organize with @xerub @Simone_Ferrini @jndok this 🇪🇸 edition of @0x41con, arguably the world's best conference for research quality. Shoutout to @xerub that made it possible, to all the speakers and to all the attendees who made it special 🫶🏼 #0x41con
Ahn Ki Chan retweeted
30 Jun 2023
I presented my Lockdown Mode research at @0x41con today and it was a dream come true ❤️ I started my iOS research journey ~5yrs ago & always dreamt of just attendin let alone presentin with such legends. This has been a tremendous honor! Thank u @xerub & @Simone_Ferrini et al.
Ahn Ki Chan retweeted
14 Jun 2023
The Old, The New and The Bypass - One-click/Open-redirect to own Samsung S22 at Pwn2Own 2022 written by @testanull starlabs.sg/blog/2023/06-the… Thanks to @thezdi for reviewing and inputs to the blog post. Greatly appreciate that.

Ahn Ki Chan retweeted
25 May 2023
This time I'll look at CVE-2022-46395, an Arm Mali GPU driver UAF I found by analysing Jann Horn's CVE-2022-36449. I'll also use a technique of Jann Horn to win a very tight race to gain arbitrary kernel code execution and root from untrusted Android app. github.blog/2023-05-25-rooti…