All Posts

  • CVE-2026-0562: IDOR in LollMS friend request response

    I reported this on December 29th, 2025, and it was assigned CVE-2026-0562 with a CVSS score of 8.3 (HIGH). The vulnerability is a classic IDOR: any authenticated user can accept or reject another user’s friend request just by guessing a sequential integer.

  • Finding Security Fixes Without CVE: A Changelog and Commit Pipeline

    Many real security fixes never get a CVE. Maintainers patch a vulnerability, mention it in release notes or commit messages, and move on. If you care about supply-chain risk or tracking silent fixes, those changelogs and commits are a useful but underused signal. In this post I’ll walk through a...

  • Understanding Inconsistencies in IP Address Classification Across Programming Languages

    As a security researcher, I’ve been analyzing IP address classification behaviors across various programming languages. Recently, I noticed some intriguing inconsistencies, particularly concerning how loopback and private IP addresses are treated. In this post, I’ll share my observations and insights on this matter.

  • SSRF Vulnerability: Bypassing Protection with DNS Rebinding Attack

    While conducting security research, I discovered an SSRF (Server-Side Request Forgery) vulnerability in an application’s proxy and file parsing APIs. This vulnerability could be bypassed using a DNS rebinding attack. I reported it to the simstudioai/sim project; the development team fixed it quickly, and it was assigned CVE-2025-69660. In this...

  • I Scanned PyPI, npm, and RubyGems for Leaked Secrets. Microsoft, Automattic, Palo Alto and Many More

    In the ever-shifting realm of cybersecurity, staying one step ahead of potential threats is a non-negotiable mission. Package repositories like PyPI, npm, NuGet, and RubyGems are goldmines of software packages, cherished by developers worldwide. While these packages are indispensable for crafting powerful applications, they may also harbor concealed secrets, making...

  • Game Hacking 101 Part 2: Memory Analysis with Minesweeper Reverse Engineering

    In the first part of the Game Hacking 101 series, we learned memory manipulation techniques in Mount and Blade Warband. In this second part, we’ll explore more advanced techniques by reverse engineering Minesweeper. We’ll use Cheat Engine for pointer scanning, x64dbg for hardware breakpoints, and memory analysis to decode the...

  • Identifying Coin Scammers: Coin Mixing Analysis with Wallet-Tracker

    Online scams are becoming increasingly common in today’s digital world. From phishing attempts to fake cryptocurrency exchanges, it can be hard to know who to trust. One tool that can help protect you from cryptocurrency scammers is Wallet-Tracker. This tool uses the Wallet-Tracker CLI, Neo4j database, and a user-provided scammer...

  • If Nobody Reads Code, Why Not Write in Assembly? So Here's Redis in Assembly

    Everyone’s writing code these days. AI assistants generate functions, classes, entire applications. But here’s the thing: nobody’s reading it. We’re in this weird era where developers can produce thousands of lines without understanding what any of it does. I call it vibe-coding: you vibe with the AI, it writes code,...

  • Cross-Site WebSocket Hijacking in Bokeh: CVE-2026-21883

    During a security review of Bokeh, I found a vulnerability in the WebSocket origin validation logic that allows Cross-Site WebSocket Hijacking (CSWSH). The match_host function in Bokeh’s server code uses flawed hostname matching that can be bypassed by registering malicious subdomains.

  • CVE-2026-22787: Cross-Site Scripting (XSS) Vulnerability in html2pdf.js Library

    A Cross-Site Scripting (XSS) vulnerability has been identified in the html2pdf.js library. The vulnerability exists due to unsanitized user input being directly assigned to the innerHTML property. This allows attackers to execute arbitrary JavaScript code in the context of the application, potentially leading to session hijacking, data theft, and unauthorized...

  • Game Hacking 101: Memory Manipulation in Mount and Blade Warband

    Game hacking opens a window into how games store and manage data in memory. By understanding memory manipulation, you can modify in-game values, experiment with game mechanics, and gain deeper insights into how software works at a low level. In this guide, we’ll explore memory manipulation techniques using Mount and...

  • SQL Injection Vulnerability: Security Issue in GeoPandas to_postgis() Function

    While using the GeoPandas library one day, I noticed something was wrong with the to_postgis() function. User inputs were being directly concatenated into SQL queries. This was a classic SQL injection vulnerability. After finding the vulnerability, I also wrote the fix myself and opened a pull request. In this post,...

  • CVE-2025-66019: LZW Decompression DoS Vulnerability in pypdf Library

    PDF files use various algorithms to compress their content. This compression reduces file size but also carries some security risks. While conducting security research, I discovered a DoS (Denial of Service) vulnerability in the pypdf library’s LZW (Lempel-Ziv-Welch) decompression implementation. In this post, I’ll first explain how the LZW algorithm...

  • PassDetective: Detecting Passwords and Secrets in Your Shell History

    Your shell command history might contain accidentally written passwords, API keys, or secrets. This information is stored in your history files and poses a security risk. PassDetective is a command-line tool that scans your shell history to detect such sensitive information. Available on both Kali Linux and NixOS, this tool...

  • AI-Powered CAPTCHA Bypass: Automating CAPTCHA Solving with GPT-4o and Gemini

    While conducting security research, I wanted to test how effective CAPTCHAs really are. I was curious about how well modern AI models could solve visual and text-based CAPTCHAs. That’s why I developed a tool that uses large multimodal models (LMMs) like OpenAI’s GPT-4o and Google’s Gemini to automatically solve various...

  • exifLooter: Extracting Hidden Location Data from Images

    While using exiftool in OSINT research, I developed exifLooter as an enhanced version that makes it easier to extract GPS coordinates and visualize them on OpenStreetMap. exifLooter is built on top of exiftool and provides a more practical solution, especially for extracting GPS coordinates and visualizing them on maps. Moreover,...

  • Hacking Instagram Scammers

    Security research on Instagram phishing scams. Learn how scammers steal Instagram accounts through phishing websites and how to investigate them using OSINT techniques and XSS vulnerabilities.

  • Bypassing Door Passwords

    Instead of a key, this type of lock system requires a numerical code to grant entry to a facility or property. The code is punched in by users via a numerical pad, similar to those on a basic calculator. If the correct code is entered, the door lock or deadbolt...