Recent posts
Technical blogs written by me
Discover hidden vhosts via HTTP/1.0 Host fallback, then SSRF localhost to leak a flag-bearing header through /think.
Learn how to upgrade a basic reverse shell into a fully interactive TTY with tab completion, job control, and clean terminal output.
After gaining initial access, often times we will need to exfiltrate files out of the target system to our local machine.
Work and Projects
Dynamic File Generator
A cybersecurity tool to aid in generating logs or traffic by creating application compatible dummy files with arbitrary sizes.
Cluster User Emulation System
An emulator system to simulate and monitor a mid size cluster of users’ normal network traffic actions and the local activities events.
Gigatal Wallet
A security first, web-based digital wallet implemented with RBAC, IAM with Keycloak and Docker.
Circle of War
A CTF hosting platform built for organising CTF challenges. Winner of Antler Ignite competition.
Trace-based Exploit Detection
Research on low-level program's execution traces for exploit detection such as execution flow hijacking and ROP attacks.
Like what you're seeing?
Check out my posts or contact me.