Browser exploit chain development, red-team tooling, and security assessment — with full containment.
This repository covers end-to-end offensive security research: vulnerability reproduction, exploit primitive development, exploit chain orchestration, post-exploitation tradecraft, and security assessment deliverables. Research targets Chrome (V8, Blink, Skia, ANGLE) and Firefox (SpiderMonkey, Gecko IPC, WebAssembly) across 2024–2026.
All CVEs reproduced here were already publicly disclosed and had published proof-of-concept code at the time of research. The contribution is primitive building, chaining, and delivery infrastructure — not novel vulnerability discovery. No zero-days are included or implied.
| CVE | Target | Technique | Level |
|---|---|---|---|
| CVE-2024-0517 | Chrome V8 Maglev | OOB Write | ACE |
| CVE-2024-1939 | Chrome V8 Wasm S128 | Type Confusion | ACE |
| CVE-2024-5830 | Chrome V8 Object Transitions | Type Confusion | ACE |
| CVE-2024-8381 | Firefox SpiderMonkey | Type Confusion | Trigger |
| CVE-2024-9680 | Firefox AnimationTimeline | UAF | UAF |
| CVE-2024-29943 | Firefox JIT Range Analysis | Bounds Check Elim | ARW |
| CVE-2024-29944 | Firefox Privileged JS | Sandbox Escape | ACE |
| CVE-2025-2857 | Firefox IPC | Sandbox Escape | Trigger |
| CVE-2025-4918 | Firefox Promise | OOB | OOB |
| CVE-2025-4919 | Firefox IonMonkey BCE | OOB → ARW | ARW |
| CVE-2025-5959 | Chrome Wasm JSPI | Sandbox Escape | ACE |
| CVE-2025-6558 | Chrome ANGLE WebGL2 | UAF | UAF |
| CVE-2025-13223 | Chrome V8 Property Array | Type Confusion | ARW |
| CVE-2026-2441 | Chrome CSS FontFeatureValuesMap | UAF | UAF |
| CVE-2026-2795 | Firefox Wasm GC | UAF → ACE | ACE |
| CVE-2026-2796 | Firefox Wasm JIT | Type Confusion | Trigger |
| CVE-2026-3909 | Chrome Skia Glyph Atlas | OOB Write | OOB |
ACE Arbitrary Code Execution ARW Arbitrary Read/Write UAF Use-After-Free Primitive OOB Out-of-Bounds Trigger Crash/PoC
HTTP-based C2 with analytics-style traffic mimicry. Flask operator API, session tracking, task dispatch. Beacon client with jitter algorithms (uniform, gaussian, exponential, working-hours, burst-sleep). 8-command hardcoded allowlist.
FuzzBunch-inspired orchestration with YAML module configs, chain builder, and go/no-go validation gates. Exploit server serves CVE HTML/JS from the repo, receives post-exploitation callbacks, and integrates with the C2 server.
9-component educational worm PoC: credential harvest, CLI interception, persistence, lateral movement, C2 beaconing, and polymorphic payload generation. Demonstrates organizational spread patterns for stakeholder awareness.
DoubleFantasy/MistyVeal-style pre-exploitation target fingerprinting. Browser version detection, webdriver and DevTools detection, screen geometry analysis, patch-level assessment. Go/no-go gating for the exploit chain.
DoublePulsar-inspired three-tier architecture: exploit → stager → payload. Reflective JavaScript loader with three loading strategies. Clean separation between delivery and payload so each tier is independently replaceable.
TURBINE-style operator console. Simulated demo mode (--demo) for
presentations; live mode (--c2 <url>) connects to the real C2
server for task dispatch and event monitoring. WASM version runs fully in-browser.
EventLogEdit-inspired artifact detection, audit gap analysis, and log parsing. Identifies what traces post-exploitation activity leaves — and where defenders have blind spots. Useful for both red and blue teams.
JavaScript fuzzers targeting JIT compiler phases (GVN, LICM, Range Analysis), IPC message routing, and V8 Turbofan optimization passes. Structured mutation with coverage feedback hooks.
Compiled ports of the beacon client, ContainmentGuard, and jitter library. 4.7MB static binary, zero runtime dependencies. Designed for deployment to target environments without a Python runtime.
Lightweight authenticated command relay for cross-platform exploit testing. HMAC-SHA256 auth, TLS, background command execution, file transfer. Pure Python, zero dependencies.
All tools enforce containment in code — not by convention or documentation alone. The following controls are active at runtime:
All C2 and beacon traffic is restricted to loopback (127.0.0.0/8) or Docker bridge.
ContainmentGuard checks the bind address at startup and refuses to run if a non-loopback
interface is requested.
The beacon's exec command is refused outside Docker containers.
All other commands are drawn from a hardcoded allowlist of 8 safe operations.
There is no dynamic command registration.
The Docker Compose lab runs on an internal: true network with no internet gateway.
Services are: C2 server, 2 beacons, exploit server, 2 simulated target apps.
The IDOL worm's persistence demo installs only a harmless cron heartbeat entry.
--cleanup removes it. Credential harvest and recon scripts are read-only
and do not exfiltrate data.
The in-browser session dashboard runs on simulated data generated locally.
There is no real C2 server behind it, no outbound HTTP, and no network access
from the WASM sandbox. The --c2 live mode is only available in
the local CLI version.
All reproduced CVEs target specific patched browser versions — they do not run against current releases. Exploit code is validated inside Docker containers running pinned, outdated browser builds.
Authorized red-team assessment evaluating the Databricks Apps platform under production conditions with no human-in-the-loop code review. The deliverable is an interactive Streamlit dashboard covering architecture gaps, attack scenarios, obfuscation techniques, post-exploitation impact, and the I.D.O.L. worm architecture. Audience: non-technical C-suite stakeholders evaluating governance controls.
Open Interactive Dashboard → (runs in-browser via WebAssembly — simulated data, no live C2)
Red-team assessment of the Snowflake data-cloud platform. Attack chains A–I cover
credential theft (UNC5537 pattern), Cortex AI prompt-injection to code execution
(CVE-2026-6442), Native Apps Marketplace supply-chain risk, federated-IdP compromise,
cross-cloud Storage Integration pivots, post-MFA key-pair JWT abuse,
Direct Share / replication exfil, SPCS over-broad egress, and MCP tool poisoning
against Cortex Agents. Companion PoC tooling (loopback-mocked, end-to-end runnable),
SIEM-side detection rules (Sigma / KQL / SPL), and a Cortex Guardrails FP/FN harness
ship in the repo. Field-by-field mapping of Snowflake Trail vs ACCOUNT_USAGE
lives in the analytical companion.
Research methodology, patch analysis, exploit chain architecture, AI-accelerated exploit development pipeline, pre-exploitation obfuscation, post-exploitation impact analysis, and threat scenario playbooks.
Authorization: All research was conducted under explicit written authorization. CVE reproductions target already-patched browser versions using techniques derived from publicly available proof-of-concept code. No zero-days are published here. Do not use any code or technique against systems you do not own or have explicit written authorization to test. See SECURITY.md for the full responsible disclosure policy.