PinnedPavel ShabarkininInfoSec Write-upsGSuite domain takeover through delegationJul 27, 20221Jul 27, 20221
PinnedPavel Shabarkin1-click RCE in Electron ApplicationsHow simple link opening leads to RCEApr 22, 2022Apr 22, 2022
PinnedPavel ShabarkininTowards AWSPointer: Hunting Cobalt Strike globallyIntroductionSep 16, 2021Sep 16, 2021
Pavel ShabarkinI have just realized that more people found similar stuff at the same time)If you are interested I found a couple of attack vectors in October 2022. I have described them here:Sep 14, 2023Sep 14, 2023
Pavel ShabarkininBLOCK6Optimism 2M$ vulnerability, post reviewThe review of the money printing vulnerability in Optimistic RollupJul 21, 20221Jul 21, 20221
Pavel ShabarkinFinding SQL Injections through source code in .NET applicationsCodeAllTheThingsJul 8, 2022Jul 8, 2022
Pavel ShabarkinFinding broken access controls through source code in .NET applicationsCodeAllTheThingsMay 25, 2022May 25, 2022
Pavel Shabarkin0-click RCE in Electron Applications0-click RCE in Electron ApplicationsMay 4, 2022May 4, 2022
Pavel ShabarkinPhishing and credential harvesting in Electron applicationsPhishing in misconfigured Electron appsMar 30, 2022Mar 30, 2022