11 January 2024
A collection of weggli patterns for C/C++ vulnerability research
“No one cares about the old […]
28 November 2023
Big update to my Semgrep C/C++ ruleset
“The attack surface is the vulnerability. […]
24 October 2023
Customizing Sliver – Part 3
In this third and final post […]
24 October 2023
Customizing Sliver – Part 2
Hello! This is the second part […]
24 October 2023
Customizing Sliver – Part 1
Lately I’ve been conducting research into […]
30 August 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 4
Setting up the environment + Hello […]
19 July 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 3
Setting up the environment + Hello […]
5 July 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 2
Setting up the environment + Hello […]
5 July 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 1
-> Setting up the environment + […]
13 June 2023
Pentesting Xamarin Android apps: DLLs and root check bypass
In this article, I’ll show how […]
27 February 2023
Abusing Maven’s pom.xml
Apache Maven is a well-known tool […]
21 December 2022
A journey into IoT – Unknown Chinese alarm – Part 4 – Internal communications
Disclaimer: as many other security researchers […]