Security research, decoded.
CVE deep-dives, vulnerability analysis, ethical hacking. No fluff.
Featured
My Experience on How RAT Communication Works
In this article, I share my experience and insights on how Remote Access Trojan (RAT) communication works: how RATs establish a TLS connection over port 443, creating an evasion technique to bypass network security measures.
Building a Forta Bot to Detect Flash Loan-Funded Governance Attacks in Real Time
This content is provided for **EDUCATIONAL** and **AUTHORIZED SECURITY TESTING** purposes only.
The Handoff Problem: Writing Bug Reports That Survive a Triage Engineer's First 90 Seconds
CVE
CVE-2005-2773: When Your Network Management Platform Becomes the Attacker's Command Line
In enterprise security, the cruelest irony is when the tool you deploy to *monitor* your network becomes the tool an attacker uses to *own* it.
CVE-2007-5659: The PDF That Could Own Your Machine — Adobe's JavaScript Buffer Overflow Problem
Before endpoint detection was mature and sandboxing was standard, PDF files were one of the most reliable vectors for mass exploitation.
CVE-2008-2992: When Adobe Acrobat's JavaScript Engine Turned PDFs Into Remote Code Execution Weapons
Let's cut through the surface-level description: this isn't just a "buffer overflow in a PDF reader.
CVE-2009-0557: The Excel Object Record Corruption That Turned Spreadsheets Into Attack Vectors
In 2009, opening a spreadsheet from a colleague could hand an attacker full control of your machine—and most people had no idea the file format they trusted every day was a loaded weapon.
CVE-2009-1862: When Your PDF Reader Became a Drive-By Download Target
In the summer of 2009, attackers found a way to turn two of the most trusted file formats on the internet—PDFs and SWF files—into silent malware delivery machines.
CVE-2009-3129: The Excel FEATHEADER Vulnerability That Turned Spreadsheets Into Weapons
To understand this vulnerability, you need to know what a `FEATHEADER` record is. Excel's binary file format (`.
Articles
AMM Invariant Drift: How Fee Accumulation and Donation Attacks Break Constant-Product Assumptions
The constant-product invariant — `x * y = k` — is the mathematical backbone of every Uniswap V2-style AMM. It is elegant, deterministic, and, in pure mathematical terms, unbreakable.
Defeating Self-Modifying Code in VM-Protected Binaries: A Practical Unpacking Workflow with x64dbg Scriptable Breakpoints
Commercial protectors like Themida and VMProtect do not simply compress or encrypt code — they *architecturally replace* it.
Extracting Firmware from SPI Flash Chips Using a Bus Pirate and Clip-On Probes
GraphQL Alias Batching as a Rate-Limit and IDOR Bypass Primitive
GraphQL was designed to give clients power — the power to ask for exactly what they need, composed however they like, in a single round-trip. That composability is also its security paradox.
IBC Channel Security: How Unordered Channels Enable Cross-Chain Replay Attacks on Cosmos
The Inter-Blockchain Communication protocol (IBC) is one of the most sophisticated pieces of engineering in the blockchain space.
IPv6 Rogue Router Advertisements: Hijacking Windows and Linux Hosts on Dual-Stack Networks
Most security teams have a coherent IPv4 policy. Firewalls, DHCP snooping, ARP inspection — the usual suspects are configured and audited.