Security Research blog that you ❤️

Exploit Development, Reverse Engineering, and AI

Insecure Design: Shifting Left (A04:2021)

November 15, 2023

Insecure Design is a new category in the OWASP Top 10 2021. It focuses on risks related to design and architectural flaw...

#architecture #threat-modeling #design

Read more

Cryptographic Failures & Sensitive Data Exposure (A02:2021)

November 14, 2023

Protecting sensitive data is paramount. A common failure is using weak cryptographic algorithms or storing passwords in ...

#crypto #hashing #security

Read more

Broken Access Control: The Silent Killer (A01:2021)

November 12, 2023

Broken Access Control moved to the number one spot in the OWASP Top 10 2021. One common manifestation is Insecure Direct...

#idor #nodejs #owasp

Read more

Understanding SQL Injection (A03:2021)

November 10, 2023

SQL Injection (SQLi) remains one of the most critical web vulnerabilities. It occurs when untrusted user input is direct...

#web-security #sql #owasp

Read more

Dissecting the Linux Forkbomb (x86 Assembly)

November 5, 2023

The "forkbomb" is a classic denial-of-service attack against a Linux system. It works by recursively spawning new proces...

#malware #assembly #reverse-engineering #linux

Read more

Introduction to Threat Modeling

October 27, 2023

In the rapidly evolving landscape of cybersecurity, reacting to threats is no longer enough. Threat Modeling is a proact...

#security #threat-modeling #CISO

Read more