http://www.zerodayengineering.com State-of-the-art vulnerability research & courses en-us https://zerodayengineering.com/images/logo.png http://www.zerodayengineering.com https://zerodayengineering.com/research/pwn2own-2021-vm-escape.html A virtual machine escape exploit will typically require kernel privileges in the guest OS. In this exploit I chose to offload the reverse-engineered toolgate protocol implementation to a Python module, while keeping my low-level kernel code minimal, just enough to implement the attack interface - a nod to the principle of least privilege in systematic software engineering, which we miss a lot in non-trivial exploit development. Wed, 08 Apr 2024 12:00:00 GMT https://zerodayengineering.com/insights/chrome-viz-v8-wasm.html Emergency security updates were recently released by Google for a two-bug exploit chain under active exploitation targeting Chrome browser. This quick technical note looks at the bug chain from a cutting edge vulnerability research perspective, placing root cause analysis in the context of both system internals and offensive research trends. Wed, 17 May 2024 11:20:00 GMT https://youtu.be/YpsfQl0V_3k Published recording of technical conference talk: "JavaScript Engines Vulnerability Research: State of the Art" (Hack in the Box x Positive Hack Days 2024 Bangkok, Alisa Esage) Wed, 31 May 2024 07:30:00 GMT https://zerodayengineering.com/training/masterclass/hypervisor-security-nightly.html#hackingkvm Set up a Kernel Virtual Machine hacking platform, from zero to ready in four hours. Hands-on deep technical masterclass with essential theory. Livestream on Saturday 10th August, 12:00-16:00 UTC. Mon, 5 August 2024 12:55:00 GMT https://zerodayengineering.com/research/discussion-fuzzing-from-first-principles.html On September 14, 2024, I had participated in the Off By One Security Podcast by SANS. I presented my Probabilistic Theory of Fuzzing there for the first time – and explained how practical low-level fuzzing works through it. In this follow-up article I release the slides of my podcast - while tackling selected questions and comments from the livestream chat that didn’t make it into the live Q&A. Wed, 14 Oct 2024 09:00:00 GMT https://zerodayengineering.com/research/slides/VXCON2024_Keynote.pdf On November 16th, 2024, I gave a keynote at VXCON 2024 conference, Hong Kong. I offered my insights on how AI will change the art of vulnerability research. Sat, 16 Nov 2024 09:00:00 GMT https://zerodayengineering.com/research/slides/VXCON2024_Keynote.pdf On November 15th, 2024, I gave a workshop on browser exploitation at VXCON 2024 conference, Hong Kong. In this workshop I taught my full process of exploiting a non-trivial vulnerability in Google Chrome's v8 JavaScript engine, from zero-knowledge patch to novel exploit concept. The slide deck holds the skeleton of my methodology. Fri, 15 Nov 2024 09:00:00 GMT https://zerodayengineering.com/training/schedule.html Fri, 13 Dec 2024 13:21:00 GMT https://zerodayengineering.com/training/masterclass/browser-security-nightly.html#domuaf Online on 14th March, 13:00 UTC + on-demand. Mon, 17 Feb 2025 12:10:00 GMT https://zerodayengineering.com/research/slides/BH2025_ReverseEngineeringHexagonISDB.pdf On April 3rd, 2025, I had presented my work on reverse-engineering the hardware internals of Qualcomm Hexagon ISDB JTAG at Black Hat Asia 2021, Singapore. Hexagon is a tightly restricted proprietary architecture which doesn't permit low-level debugging – a challenge which I was tasked to conquer under a private commercial R&D contract. Fri, 08 Aug 2025 18:00:00 GMT https://zerodayengineering.com/training/browser-exploit-design.html Advanced exploratory training program covering 80%+ of the subject field systematically. Practicalities are based on Firefox, Chrome and WebKit. Full stack exploit exercises with modern 0-days include: renderer DOM use-after-free, JavaScript engine type confusion, and sandbox escape via IPC memory corruption. Intermediate to advanced level. Mon, 2 June 2025 12:10:00 GMT https://zerodayengineering.com/training/masterclass/hypervisor-security-nightly.html#hvr2025update In this series of four lectures Alisa looks into recent virtualization technology developments across hardware, exploit competitions, emergent attacks and fuzzing research. Details and purchase here: https://zerodayengineering.com/training/masterclass/hypervisor-security-nightly.html#hvr2025update Fri, 08 Aug 2025 18:00:00 GMT https://zerodayengineering.com/winter-deals.html Course bundles are one of our most requested features. For a limited time, we are offering three bundles which cover two specializations from zero to hero: browser and hypervisor. https://zerodayengineering.com/winter-deals.html Mon, 01 Dec 2025 18:00:00 GMT https://zerodayengineering.com/cft.html We're looking for team members who respect excellence, know their craft, and want to become part of a legend. https://zerodayengineering.com/cft.html Fri, 19 Dec 2025 18:00:00 GMT https://zerodayengineering.com/reviews/summary-2025.html Over the year 2025, we’ve seen a pattern in the public feedback from Zero Day Engineering students — something deeper than “good course” or “useful content.” Across LinkedIn and X, people describe ZDE not as training, but as a unique operating system for becoming a real vulnerability researcher. A few themes kept repeating: ... https://zerodayengineering.com/reviews/summary-2025.html Wed, 21 Jan 2026 12:00:00 GMT https://zerodayengineering.com/promo/summer-bundles/ Limited-time Summer Research Bundle: special deals across our self-paced training programs covering browser and hypervisor specializations. https://zerodayengineering.com/promo/summer-bundles/ Tue, 01 Jun 2026 12:00:00 GMT https://zerodayengineering.com/research/chrome-exploit-mitigations/ A firsthand analysis of three modern Chrome-specific exploit mitigations — MiraclePtr, v8 sandbox, and PartitionAlloc — from actual zero day research targeting Google Chrome. Tue, 02 Jun 2026 12:00:00 GMT