CVE Hunting Methodology: This is where the training wheels come off
In this article, I’ll walk you through my CVE hunting methodology, from how I find vulnerabilities to how I go about getting them assigned official CVE IDs. If you’ve ever wondered how to go from poking around a web app to contributing to the global vulnerability database, you’re in the right place.
Posted on: May 20, 2025 02:28 AM
ViewContao’s Laughable “Bug Bounty” Program and Self-Assigned CVEs
Let’s talk about Contao’s so-called bug bounty program and their utterly farcical CVE assignment practices on GitHub. Spoiler alert: it’s a self-congratulatory echo chamber masquerading as a security initiative.
Posted on: May 04, 2025 10:28 PM
ViewIntroduction to Cyber Threat Intelligence Course
This article is an intro to my upcoming cyber threat intelligence course; the current article will teach you basics of threat intel and takes a sneak peak into fine-tuning LLMs vs using existing AI solutions.
Posted on: April 25, 2025 01:14 AM
View[Update #2] Mission Cyber Sentinel
A global cybersecurity mission dedicated to securing 250K online assets globally is almost complete.
Posted on: March 10, 2025 03:44 PM
ViewDigital Warhead: Dissecting TTPs of a Pro-Taliban Hacking Group
This article discusses behavioral analysis techniques specifically designed to thwart malware forensic efforts.
Posted on: January 12, 2025 06:48 PM
ViewMission Cyber Sentinel – Advancing Global Cybersecurity
Mission Cyber Sentinel is focused on securing online assets by discovering and reporting vulnerabilities in high-impact open-source applications.
Posted on: January 11, 2025 12:32 AM
View