Articles

Blog posts are identified by [Blog]

GreyCTF Qualifiers 2024 - Authors Writeup | Pwn

Baby Goods | Slingring Factory
2024.06.15
- #greyctf
- #greyhats
- #greyctf qualifiers
- #ctf
- #ctf blog
- #writeup
Windows Heap Manager - An Exploration

Personal Notes from Corelan Windows Heap Exploitation Workshop
2024.05.31
- #windows heap
- #windows
- #heap
- #exploit
- #vulnerability research
Hackbash Finals CTF 2024: Authors Writeup (pwn)

Full Buffer Developer | Stackrunning 2077 | To (not) kill a canary
2024.03.16
- #hackbash
- #aycep
- #greyhats
- #ctf
- #ctf blog
- #writeup
[Blog] GCC 2024: Recap

Global Cybersecurity Camp 2024
2024.02.26
- #gcc
- #div0
- #conference
[Blog] ECSC 2023: Recap

A blog post on my experience
2023.11.03
- #ecsc
- #ecsc2023
- #ctf
- #ctf blog
- #writeup
ECSC 2023: Lady Luck

ECSC 2023 Day 3: Pwn
2023.11.02
- #ecsc
- #ecsc2023
- #c
- #c++
- #pwn
- #ctf
- #ctf blog
- #writeup
ECSC 2023: Flux Capacitor

ECSC 2023 Day 1: Pwn
2023.11.02
- #ecsc
- #ecsc2023
- #c
- #pwn
- #ctf
- #ctf blog
- #writeup
ECSC 2023: Knife Party

ECSC 2023 Day 1: Pwn
2023.11.02
- #ecsc
- #ecsc2023
- #c++
- #pwn
- #ctf
- #ctf blog
- #writeup
GreyHats WelcomeCTF 2023: Pwn

Derusting my Pwn
2023.08.27
- #c++
- #c
- #pwn
- #ctf
- #greyhats
- #greyctf
- #welcomectf
- #ctf
- #ctf blog
- #writeup
Short Analysis of CVE-2021-33760

Update on Fuzzing WMF Metadata
2021.10.24
- #c++
- #fuzzing
- #windows
- #cve
- #bug
- #winafl
- #vulnerability research
- #windows media foundation
Fuzzing Windows Stuff: WMF

2. Windows Media Foundation: Metadata
2021.04.18
- #c++
- #fuzzing
- #windows
- #windows media foundation
- #winafl
- #vulnerability research
Fuzzing Windows Stuff: WMF

1. Windows Media Foundation: MP3
2021.03.12
- #c++
- #fuzzing
- #windows
- #windows media foundation
- #winafl
- #vulnerability research
Learning To Harness: Update

Minor Updates on Fuzzing Results
2021.01.14
- #c
- #fuzzing
- #adobe
- #acrobat dc
- #winafl
- #vulnerability research
Learning To Harness: Debugging and Fuzzing

Part 3: Fixing The Mistakes, Finishing The Harness
2020.12.15
- #c
- #fuzzing
- #adobe
- #acrobat dc
- #winafl
- #vulnerability research
STACK CTF 2020 - OSINT Challenge 2

Where was he kidnapped?
2020.12.09
- #ctf
- #writeup
- #osint
- #open source intelligence
- #ctf blog
STACK CTF 2020 - Mobile Challenges: Part 4

Challenge 5: Welcome to Korovax Mobile!
2020.12.09
- #ctf
- #writeup
- #mobile
- #android
- #android re
- #reverse engineering
- #ctf blog
STACK CTF 2020 - Mobile Challenges: Part 3

Challenge 3: Whats with the Search!
2020.12.09
- #ctf
- #writeup
- #mobile
- #android
- #android re
- #reverse engineering
- #ctf blog
STACK CTF 2020 - Mobile Challenges: Part 2

Challenge 4: True or false?
2020.12.09
- #ctf
- #writeup
- #mobile
- #android
- #android re
- #reverse engineering
- #ctf blog
STACK CTF 2020 - Mobile Challenges: Part 1

Challenge 1: Contact Us! | Challenge 2: Subscribe!
2020.12.09
- #ctf
- #writeup
- #mobile
- #android
- #android re
- #reverse engineering
- #ctf blog
Learning To Harness: Custom Stream Decoders

Part 2: Reverse Engineering a Stream Decoder
2020.11.20
- #c
- #fuzzing
- #adobe
- #acrobat dc
- #winafl
- #vulnerability research
Learning To Harness: Crash Coursing C

Part 1: Understanding structs and pointers in a harness
2020.10.26
- #c
- #fuzzing
- #adobe
- #acrobat dc
- #winafl
- #vulnerability research
Reproduction of PDFium Issue #933163

Use-after-Free vulnerability on CXFA_FFDocView::RunValidate()
2020.10.14
- #cve
- #chromium
- #pdfium
- #uaf
- #use after free
- #v8
- #vulnerability research
Writeup for RedPwnCTF 2020 coffer-overflow-0, 1, 2

Beginners Pwn
2020.06.26
- #ctf
- #linux-bof
- #ctf blog
- #writeup
- #ctf writeup

Blog posts are identified by [Blog]

GreyCTF Qualifiers 2024 - Authors Writeup | Pwn

Baby Goods | Slingring Factory

Windows Heap Manager - An Exploration

Personal Notes from Corelan Windows Heap Exploitation Workshop

Hackbash Finals CTF 2024: Authors Writeup (pwn)

Full Buffer Developer | Stackrunning 2077 | To (not) kill a canary

[Blog] GCC 2024: Recap

Global Cybersecurity Camp 2024

[Blog] ECSC 2023: Recap

A blog post on my experience

ECSC 2023: Lady Luck

ECSC 2023 Day 3: Pwn

ECSC 2023: Flux Capacitor

ECSC 2023 Day 1: Pwn

ECSC 2023: Knife Party

ECSC 2023 Day 1: Pwn

GreyHats WelcomeCTF 2023: Pwn

Derusting my Pwn

Short Analysis of CVE-2021-33760

Update on Fuzzing WMF Metadata

Fuzzing Windows Stuff: WMF

2. Windows Media Foundation: Metadata

Fuzzing Windows Stuff: WMF

1. Windows Media Foundation: MP3

Learning To Harness: Update

Minor Updates on Fuzzing Results

Learning To Harness: Debugging and Fuzzing

Part 3: Fixing The Mistakes, Finishing The Harness

STACK CTF 2020 - OSINT Challenge 2

Where was he kidnapped?

STACK CTF 2020 - Mobile Challenges: Part 4

Challenge 5: Welcome to Korovax Mobile!

STACK CTF 2020 - Mobile Challenges: Part 3

Challenge 3: Whats with the Search!

STACK CTF 2020 - Mobile Challenges: Part 2

Challenge 4: True or false?

STACK CTF 2020 - Mobile Challenges: Part 1

Challenge 1: Contact Us! | Challenge 2: Subscribe!

Learning To Harness: Custom Stream Decoders

Part 2: Reverse Engineering a Stream Decoder

Learning To Harness: Crash Coursing C

Part 1: Understanding structs and pointers in a harness

Reproduction of PDFium Issue #933163

Use-after-Free vulnerability on CXFA_FFDocView::RunValidate()

Writeup for RedPwnCTF 2020 coffer-overflow-0, 1, 2

Beginners Pwn