Our Blog

Browser Cache Smuggling: the return of the dropper

Reading time: ~8 min
A year and a half ago I wrote a blog post describing how browsers’ cache system can be abused to...

Browsers’ cache smuggling

Reading time: ~13 min
On red team engagements, I often use social engineering to get one of my client’s employees to run my malicious...

The hunt for Chromium issue 1072171

Reading time: ~40 min
Intro: The last few months I’ve been studying Chrome’s V8 internals and exploits with the focus of finding a type...

Intro to Chrome’s V8 from an exploit development angle

Reading time: ~15 min
Intro: Last Christmas I was doing quite a bit of research around an exploit for Chrome’s JavaScript engine, V8. While...