PinnedPublished inInfoSec Write-upsGSuite domain takeover through delegationJul 27, 20221Jul 27, 20221
Pinned1-click RCE in Electron ApplicationsHow simple link opening leads to RCEApr 22, 2022Apr 22, 2022
PinnedPublished inTowards AWSPointer: Hunting Cobalt Strike globallyIntroductionSep 16, 2021Sep 16, 2021
I have just realized that more people found similar stuff at the same time)If you are interested I found a couple of attack vectors in October 2022. I have described them here:Sep 14, 2023Sep 14, 2023
Published inBLOCK6Optimism 2M$ vulnerability, post reviewThe review of the money printing vulnerability in Optimistic RollupJul 21, 20221Jul 21, 20221
Finding SQL Injections through source code in .NET applicationsCodeAllTheThingsJul 8, 2022Jul 8, 2022
Finding broken access controls through source code in .NET applicationsCodeAllTheThingsMay 25, 2022May 25, 2022
Phishing and credential harvesting in Electron applicationsPhishing in misconfigured Electron appsMar 30, 2022Mar 30, 2022