Security Research Notes

This directory contains security research notes about parts of Chromium of particular interest to attackers.

The notes represent our understanding of a particular area of functionality at time of publishing, which we know is often incomplete, can become stale as code evolves, and may accidentally contain inaccuracies.

We publish these notes to

1. Preserve our understanding of areas of interest to security so we can refresh our memory of complex features after visiting other topics.
2. Give new team members a learning resource.
3. Boost productivity for external researchers making contributions to the Chrome Vulnerability Rewards Program.