Writeups & research

Stories from breaking things.

Vulnerability writeups, pentest narratives, and notes from the intersection of offensive security and AI — read them right here, full archive below.

Read the writeups Work with me
AI × Security AI·SEC
May 2026 AI Security

How AI Can Help Threat Hunters Work Faster (Without Replacing Them)

Security teams face a simple problem: too much data. A look at how AI augments analyst capability — and where it should never replace human judgment.

LLMs SOC Threat Hunting
Read writeup
Mobile AppSec iOS·P2
Sep 2025 Offensive Security

iOS Penetration Testing — Part 2 (Advanced Guide)

Runtime instrumentation with Frida, deeper attack surface, and the techniques worth knowing for serious iOS assessments.

iOS Frida Runtime
Read writeup
Mobile AppSec iOS·P1
Sep 2025 Offensive Security

iOS Penetration Testing — Part 1 (Beginner's Guide)

A foundational guide to setting up an iOS pentest lab — toolchain, jailbreak basics, IPA decryption, and the early signal-rich attack surface.

iOS Jailbreak Setup
Read writeup
Mobile AppSec Droid·P2
Sep 2025 Offensive Security

Android Penetration Testing — Part 2

Advanced techniques with Frida & Objection — hooking, bypasses, and patterns for tougher Android targets.

Android Frida Objection
Read writeup
Mobile AppSec Droid·P1
Sep 2025 Offensive Security

Android Penetration Testing — Part 1

Step-by-step introduction to Android application assessment — setting up the lab, fundamental concepts, first targets.

Android Setup Methodology
Read writeup
Cloud / Recon CF·TUN
Sep 2025 Offensive Security

Cloudflare Tunnel — Origin Exposure Weaponized

How a misconfigured Cloudflare tunnel exposes the origin — and how that exposure gets weaponized in real engagements.

Cloudflare Recon Misconfig
Read writeup
Web AppSec UPLD
Nov 2024 Offensive Security

File Upload — Upload. Intercept. Exploit.

A real file-upload vulnerability from a pentest engagement — interception, mutation, and the full exploitation path.

File Upload Web Bypass
Read writeup
Web AppSec XSS·ATO
Nov 2023 Offensive Security

XSS — Weaponization ATO

A reflected XSS discovered during a live engagement — escalated all the way to a full account takeover via session theft.

XSS ATO Session
Read writeup
Web AppSec SQLi
Aug 2023 Offensive Security

SQLi — US Gov Datadump

A SQL injection in a US government property — the discovery, the responsible disclosure, and what the dump revealed.

SQLi Gov Disclosure
Read writeup
Web AppSec SSRF
Jul 2023 Offensive Security

Blind SSRF — The Tray

A blind SSRF on a major brand's asset — the discovery, the validation chain, and a successful Red Bull bug-bounty reward.

SSRF Bug Bounty Recon
Read writeup

Nothing here yet.

First writeups in this category are in progress — check back soon, or reach out if there's something specific you want to see.

Get in touch
Want this on your stack?

Have a target that needs the same eye?

Web, mobile, API, cloud, or your AI/LLM apps — let's see what's actually there.

Start a conversation Back to archive