Pavel Shabarkin – Medium

Pavel Shabarkin

Pinned

Published in
InfoSec Write-ups

GSuite domain takeover through delegation

Jul 27, 2022

GSuite domain takeover through delegation

Jul 27, 2022

Pinned

1-click RCE in Electron Applications

How simple link opening leads to RCE

Apr 22, 2022

1-click RCE in Electron Applications

Apr 22, 2022

Pinned

Published in
Towards AWS

Pointer: Hunting Cobalt Strike globally

Introduction

Sep 16, 2021

Pointer: Hunting Cobalt Strike globally

Sep 16, 2021

I have just realized that more people found similar stuff at the same time)

If you are interested I found a couple of attack vectors in October 2022. I have described them here:

Sep 14, 2023

Sep 14, 2023

Published in
BLOCK6

Optimism 2M$ vulnerability, post review

The review of the money printing vulnerability in Optimistic Rollup

Jul 21, 2022

Optimism 2M$ vulnerability, post review

Jul 21, 2022

Finding SQL Injections through source code in .NET applications

CodeAllTheThings

Jul 8, 2022

Finding SQL Injections through source code in .NET applications

Jul 8, 2022

Finding broken access controls through source code in .NET applications

CodeAllTheThings

May 25, 2022

Finding broken access controls through source code in .NET applications

May 25, 2022

0-click RCE in Electron Applications

0-click RCE in Electron Applications

May 4, 2022

0-click RCE in Electron Applications

May 4, 2022

Phishing and credential harvesting in Electron applications

Phishing in misconfigured Electron apps

Mar 30, 2022

Phishing and credential harvesting in Electron applications

Mar 30, 2022

Pavel Shabarkin

Pavel Shabarkin

From zero to one in Security and Deep Learning https://www.linkedin.com/in/pavel-shabarkin-b99a31145/

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams