Unzipping thoughts and fuzzing ideas not only about bug bounties and application security engineering but also life inspirations.

Exploitation of an SSRF vulnerability against EC2 IMDSv2

April 28, 2022

Refactoring and deploying ASNLookup.com & REST API on AWS

April 18, 2022

Exploiting a double-edged SSRF for server and client-side impact

April 3, 2022

Automated monitoring of subdomains for fun and profit — Release of Sublert

March 10, 2019

Python module UrlParse security inconsistency

March 3, 2015

How I discovered a $1000 open redirect in Facebook

December 30, 2014