When you find a crit...

When you see the potential for injections everywhere... github.com/openai/swarm?t…

History repeat. So what you learn is never lost... bleepingcomputer.com/news/security/…

When I read the spec, I see that the cache is immutable. Since it's black box, I try to recreate an entry. Guess what?

The framework 13 3:2 aspect ratio is amazing for code reviews.

The beginning of the year was hard, because life ain't always easy. But glad to be back at it...

Small update today...

Tense political evening...

🧨

According to my wife and rez0 I have ADHD.

Last year, Google VRP (Google Bug Hunters) closed a report I submitted as out of scope. I forgot about it. Today, they reassessed it — and just awarded me $50,000 🤯 It's my biggest bounty to date 🥳 Huge thanks to the Google VRP (Google Bug Hunters) team!

It feels good to learn a new technique to try to finish an exploit chain. Because you need it so bad that you're going to learn it really well.

Learning http request smuggling against a real target for 2 days. Understanding that go net/http is too secure. Pulling a go binary in Ghidra to understand that there is no filtering on http2 and that allow me to reach the host rpc services. Next step: RCE on host ? Maybe...

Was slow to realize that using Ghidra with a LLM makes everything open source...

More reverse engineering today, I understood why my auth wasn't working. I need to get an arbitrary file read, if I want to move forward.

so I need to fork and patch mitmproxy to support h2c, if I want to crack this open.