Blog

reverse engineering a $200 commercial protection system, only to discover they protected the installer instead of the software. the crack is copying files.

dumping avr/atmega328/arduino firmware, pure static analysis, speed ctf solve, xor crib dragging over ciphertext with known plaintext attack, cyberchef

Bypassing eval-based restrictions, reconstructing forbidden strings, escaping a builtins blacklist, and exploiting memory manipulation to defeat privilege dropping and read the flag.

Walkthrough of the Slippy web challenge — abusing symlink extraction in ZIP uploads to escape the sandbox and retrieve the flag.