Welcome

This blog is my personal website, blog, and portfolio. It will contain articles on various security research I do if I come across anything interesting, as well as write-ups on interesting CTF challenges, bug bounty finds, and personal projects.

To start off, I have planned on releasing my CTF writeups as posts here since they are no longer public on my GitHub. I also have a few interesting bug bounty finds and personal projects I would like to share here.

I also wrote a paper on injection attacks a while back, which I plan on eventually translating into English and posting here. It’s regarding injection attacks in general as a vulnerability with a focus on server-side vs. client-side attacks. In the paper, I use Cross-Site Scripting (XSS) and Server-Side Template Injection (SSTI) as examples and analyze a typical attack as well as a defense for each.

So there’s quite a few things to look forward to in both the short and long run!