Research

Independent research posts (may vary from infosec).
May
27

File Upload Vulnerability Tricks and Checklist

10 min read
May
21

Method Invocation in Go's builtin template modules lead to file read and RCE.

4 min read
Jan
30

How a person's name can be vital in a Social Engineering operation.

5 min read
Nov
12

Adminer SSRF CVE-2020-28654 (Bypass CVE-2018-7667 and smuggle POST parameters)

6 min read
May
31

Finding vulnerabilities in an open-source CMS.

21 min read