Welcome to my space for documenting offensive security research.
Here I share vulnerability findings, write-ups, and practical insights that highlight techniques, pitfalls, and lessons learned from real-world security testing.
| Cover image | ||||
|---|---|---|---|---|
| :terminal: | Beyond a Fly in the Wild | Breaking down WildFly’s defenses and the alternative file upload attack paths adversaries may pursue when direct code execution isn’t possible. | wildfly.png | beyond-a-fly-in-the-wild |
| :terminal: | CVE-2024-42845 - Invesalius3 RCE | Remote Code Execution in DICOM import due to unsafe use of eval in coordinates parsing. | invesalius.png | cve-2024-42845-invesalius3-rce |
| :terminal: | Streamlining CVE Research using GitHub | Highlighting GitHub's vulnerability reporting workflow and the CVEs discovered during this process. | github-security-advisory.png | streamlining-cve-research-using-github |
