Again, with a slight tweak of the template, I can move from US domains, to bouncing file/command/data transfers over encrypted comms, off the face of major Chinese corporations. Why domain-front, when you can abuse from a list of already established domains? 😈 paper soon maybe?

I’ve submitted plenty of bugs in software and never cared to claim a CVE. To me, saying I discovered CVE-blah never mattered. Most bugs don’t feel novel enough to care. Anyone else feel that way?

Dev during the day. Dev at night. Dev on the weekends. So many projects!

Why would I use a debugger when I can insert 100 print statements?

Offensive tradecraft by day, real estate SaaS by night

UniFi keeps dropping awesome stuff. Bad for the wallet, but unbelievably cool.

Coding for a minimum of 10 hour a day for the last month. Weekends included. Let’s fucking go

Unit tests? Never heard of em

Just another reason not to write JavaScript…

Moving my career away from pentesting feels strange, but I’m excited for this next chapter. Hacking things was super fun!

Happy to have passed the NGFW Engineer exam from Palo Alto Networks!

ChatGPT has an internal crisis over a seahorse

Hackers reportedly used something called "TruffleHog" during their attack. They also used "child_process", and something called HTTP, something called TLS, and something called TCP. Please be on the lookout for any of these hacking tools being used in your environment.

People worry about the latest and hottest vulnerabilities while their environment is full of 10 year old exploitable systems. Don’t get caught up chasing the shiny new objects.

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…

Computers were a mistake

Nothing like vibe coding on a Sunday night

Pretty nice way to end the week with a payout from a bug I found over 6 months ago! Totally forgot about it lol