PinnedPavel ShabarkininInfoSec Write-upsGSuite domain takeover through delegation5 min read·Jul 27, 2022--1--1
PinnedPavel Shabarkin1-click RCE in Electron ApplicationsHow simple link opening leads to RCE6 min read·Apr 22, 2022----
PinnedPavel ShabarkininTowards AWSPointer: Hunting Cobalt Strike globallyIntroduction14 min read·Sep 16, 2021----
Pavel ShabarkinI have just realized that more people found similar stuff at the same time)If you are interested I found a couple of attack vectors in October 2022. I have described them here:1 min read·Sep 14, 2023----
Pavel ShabarkininBLOCK6Optimism 2M$ vulnerability, post reviewThe review of the money printing vulnerability in Optimistic Rollup4 min read·Jul 21, 2022--1--1
Pavel ShabarkinFinding SQL Injections through source code in .NET applicationsCodeAllTheThings6 min read·Jul 8, 2022----
Pavel ShabarkinFinding broken access controls through source code in .NET applicationsCodeAllTheThings7 min read·May 25, 2022----
Pavel Shabarkin0-click RCE in Electron Applications0-click RCE in Electron Applications4 min read·May 4, 2022----
Pavel ShabarkinPhishing and credential harvesting in Electron applicationsPhishing in misconfigured Electron apps8 min read·Mar 30, 2022----