WebKitPwn

Some papers and exploit writeups about WebKit. Reading list for vulnerability research (VR).


Architecture

Apple Browser Internals

WebKit Architecture


Writeups

A Guide to Assertion Macros in WebKit

A New Bytecode Format for JavaScriptCore

Apple Safari JavaScriptCore Inspector Type Confusion

CVE-2017-2446 or JSC::JSGlobalObject::isHavingABadTime

CVE-2018-4441 OOB R/W via JSArray unshiftCountWithArrayStorage

Concurrent JavaScript: It can work!

Browser Hacking with ANGLE

Introduction to WebKit Exploitation

Efficient Implementation of SELF (All techniques used in modern browsers)

Exploit MacOS Kernel Vulnerability to Escape Safari Sandbox

Exploitation of CVE-2020-9802 a JavaScriptCore JIT Bug

Exploiting CSP in Webkit to Break Authentication & Authorization

Exploiting WebKit JSPropertyNameEnumerator Out-of-Bounds Read (CVE-2021-1789)