8 February 2024
Java applet + serialization in 2024! What could go wrong?
Recently, during a red team engagement […]
11 January 2024
A collection of weggli patterns for C/C++ vulnerability research
“No one cares about the old […]
30 November 2023
DevSecCon Italy video
Hi! Yesterday I spoke at DevSecCon […]
28 November 2023
Big update to my Semgrep C/C++ ruleset
“The attack surface is the vulnerability. […]
7 November 2023
OST2, Zephyr RTOS, and a bunch of CVEs
“When hackers tell me it’s so […]
24 October 2023
Customizing Sliver – Part 3
In this third and final post […]
24 October 2023
Customizing Sliver – Part 2
Hello! This is the second part […]
24 October 2023
Customizing Sliver – Part 1
Lately I’ve been conducting research into […]
30 August 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 4
Setting up the environment + Hello […]
19 July 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 3
Setting up the environment + Hello […]
5 July 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 2
Setting up the environment + Hello […]
5 July 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 1
-> Setting up the environment + […]