Writeups
CTF writeups, fuzzing, and security research.
- A Deep Dive into CVE-2023-28252 — Improper Exception Handling into Arbitrary Increment
- GreyCTF Qualifiers 2024 - Author's Writeup | Pwn — Baby Goods | Slingring Factory
- Windows Heap Manager - An Exploration — Personal Notes from Corelan Windows Heap Exploitation Workshop
- Hackbash Finals CTF 2024: Author's Writeup (pwn) — Full Buffer Developer | Stackrunning 2077 | To (not) kill a canary
- ECSC 2023: Knife Party — ECSC 2023 Day 1: Pwn
- ECSC 2023: Flux Capacitor — ECSC 2023 Day 1: Pwn
- ECSC 2023: Lady Luck — ECSC 2023 Day 3: Pwn
- GreyHats WelcomeCTF 2023: Pwn — Derusting my Pwn
- Fuzzing Windows Stuff: WMF — 2. Windows Media Foundation: Metadata
- Fuzzing Windows Stuff: WMF — 1. Windows Media Foundation: MP3
- Learning To Harness: Update — Minor Updates on Fuzzing Results
- Learning To Harness: Debugging and Fuzzing — Part 3: Fixing The Mistakes, Finishing The Harness
- STACK CTF 2020 - Mobile Challenges: Part 1 — Challenge 1: Contact Us! | Challenge 2: Subscribe!
- STACK CTF 2020 - Mobile Challenges: Part 2 — Challenge 4: True or false?
- STACK CTF 2020 - Mobile Challenges: Part 3 — Challenge 3: What's with the Search!
- STACK CTF 2020 - Mobile Challenges: Part 4 — Challenge 5: Welcome to Korovax Mobile!
- STACK CTF 2020 - OSINT Challenge 2 — "Where was he kidnapped?"
- Learning To Harness: Custom Stream Decoders — Part 2: Reverse Engineering a Stream Decoder
- Learning To Harness: Crash Coursing C — Part 1: Understanding structs and pointers in a harness
- Reproduction of PDFium Issue #933163 — Use-after-Free vulnerability on CXFA_FFDocView::RunValidate()
- Writeup for RedPwnCTF 2020 coffer-overflow-0, 1, 2 — Beginner's Pwn