Security research, career reflections, and technical deep-dives. Bi-weekly. No fluff.
Memory forensics write-up: a Cobalt Strike beacon disguised as a kernel process, credentials recovered from RAM, and a staged exfil archive. All reconstructed using Volatility output and strings analysis. 6/6 flags captured.
DFIR Challenge 01 complete write-up. A Linux server was compromised on November 14, 2025. I reconstructed the full attack timeline through log analysis alone. 6/6 flags captured.
A developer’s guide to SQL injection, seen from both sides of the keyboard. How the same code looks completely different once you learn to think like an attacker. Series: Developer Brain, Attacker Eyes.
My timetable said Maths, Physics and Chemistry. My evenings said something else. Twelve years later, I hunt vulnerabilities for a living — here’s how that happened.