Exploit Education Lab Setup - Windows & MacOS

Basic exploit.education lab setup for practicing memory-corruption security bugs.

Binary Search and Hidden Overflow 🪲

Interesting post on integer overflow while performing a basic binary search

Detecting Android Content Provider APIs with Semgrep Rules

Content provider APIs are a powerful way to expose data to internal or external apps within the Android ecosystem. However, these APIs are often implemented with flaws that lead to serious data leakage and even remote code execution.

Cross-Site Scripting attack on Leetcode

DOM Cross-Site Scripting attack on leetcode.com.

Securing an ExpressJS server - Part 1

Strategies for securing an ExpressJS server.