http://shivasurya.me/tags/authorization-bypass/2026-04-01T00:00:00+00:00http://shivasurya.me/categories/2026-04-01T00:00:00+00:00http://shivasurya.me/categories/cve/2026-04-01T00:00:00+00:00http://shivasurya.me/tags/cve/2026-04-01T00:00:00+00:00http://shivasurya.me/2026/04/01/cve-2026-33186-grpc-go-authorization-bypass/2026-04-01T00:00:00+00:00http://shivasurya.me/tags/grpc-go/2026-04-01T00:00:00+00:00http://shivasurya.me/posts/2026-04-01T00:00:00+00:00http://shivasurya.me/categories/security/2026-04-01T00:00:00+00:00http://shivasurya.me/tags/security/2026-04-01T00:00:00+00:00http://shivasurya.me/2026-04-01T00:00:00+00:00http://shivasurya.me/tags/2026-04-01T00:00:00+00:00http://shivasurya.me/2025/12/20/2025-wrapped/2025-12-20T00:00:00+00:00http://shivasurya.me/tags/productivity/2025-12-20T00:00:00+00:00http://shivasurya.me/categories/reflection/2025-12-20T00:00:00+00:00http://shivasurya.me/tags/review/2025-12-20T00:00:00+00:00http://shivasurya.me/categories/wrap/2025-12-20T00:00:00+00:00http://shivasurya.me/tags/cve-2025-64459/2025-11-07T00:00:00+00:00http://shivasurya.me/categories/django/2025-11-07T00:00:00+00:00http://shivasurya.me/tags/django/2025-11-07T00:00:00+00:00http://shivasurya.me/2025/11/07/django-sql-injection-CVE-2025-64459/2025-11-07T00:00:00+00:00http://shivasurya.me/tags/sql-injection/2025-11-07T00:00:00+00:00http://shivasurya.me/categories/ai/2025-10-03T00:00:00+00:00http://shivasurya.me/tags/ai/2025-10-03T00:00:00+00:00http://shivasurya.me/2025/10/03/introducing-secureflow-cli-to-hunt-vulnerabilities-claude-code-for-security-analysis/2025-10-03T00:00:00+00:00http://shivasurya.me/tags/cli/2025-10-03T00:00:00+00:00http://shivasurya.me/categories/sast/2025-10-03T00:00:00+00:00http://shivasurya.me/tags/secureflow/2025-10-03T00:00:00+00:00http://shivasurya.me/tags/vulnerability-scanning/2025-10-03T00:00:00+00:00http://shivasurya.me/2025/08/08/neural-network/2025-08-08T00:00:00+00:00http://shivasurya.me/categories/neural-networks/2025-08-08T00:00:00+00:00http://shivasurya.me/categories/llm/2025-07-19T00:00:00+00:00http://shivasurya.me/tags/mcp/2025-07-19T00:00:00+00:00http://shivasurya.me/2025/07/19/mcp-permission-system/2025-07-19T00:00:00+00:00http://shivasurya.me/tags/sast/2025-04-17T00:00:00+00:00http://shivasurya.me/2025/04/17/static-analysis-isnt-enough-understanding-library-interactions-for-effective-data-flow-tracking/2025-04-17T00:00:00+00:00http://shivasurya.me/2025/04/10/lessons-from-building-sherlock-automating-security-code-reviews-with-sourcegraph/2025-04-10T00:00:00+00:00http://shivasurya.me/2025/03/19/llm-powered-security-reviews/2025-03-19T00:00:00+00:00http://shivasurya.me/2025/01/28/how-i-use-llm-workflows/2025-01-28T00:00:00+00:00http://shivasurya.me/2024/12/26/2024-wrapped/2024-12-26T00:00:00+00:00http://shivasurya.me/categories/books/2024-12-19T00:00:00+00:00http://shivasurya.me/2024/12/19/books-i-read-2024/2024-12-19T00:00:00+00:00http://shivasurya.me/categories/reading/2024-12-19T00:00:00+00:00http://shivasurya.me/2024/09/10/codeql-eindhoven-quantifier-notation/2024-09-10T00:00:00+00:00http://shivasurya.me/tags/programming/2024-09-10T00:00:00+00:00http://shivasurya.me/categories/tooling/2024-09-10T00:00:00+00:00http://shivasurya.me/categories/security-reviews/2024-06-27T00:00:00+00:00http://shivasurya.me/2024/06/27/automate-security-code-reviews-with-cody-ai/2024-06-27T00:00:00+00:00http://shivasurya.me/2024/03/08/building-inter-procedural-source-sink-analysis-from-scratch-part-3/2024-03-08T00:00:00+00:00http://shivasurya.me/categories/static-analysis/2024-03-08T00:00:00+00:00http://shivasurya.me/categories/android/2024-01-24T00:00:00+00:00http://shivasurya.me/categories/android-security/2024-01-24T00:00:00+00:00http://shivasurya.me/2024/01/24/java-deserialization-rce-android-application-layer/2024-01-24T00:00:00+00:00http://shivasurya.me/2023/12/27/2023-wrap/2023-12-27T00:00:00+00:00http://shivasurya.me/2023/09/01/building-inter-procedural-source-sink-analysis-from-scratch-part-2/2023-09-01T00:00:00+00:00http://shivasurya.me/2023/08/27/building-simple-source-sink-analysis-from-scratch-part-1/2023-08-27T00:00:00+00:00http://shivasurya.me/categories/cody/2023-07-02T00:00:00+00:00http://shivasurya.me/2023/07/02/sourcegraph-cody/2023-07-02T00:00:00+00:00http://shivasurya.me/categories/sourcegraph/2023-07-02T00:00:00+00:00http://shivasurya.me/2023/05/19/building-first-openai-powered-personal-assistant-app/2023-05-19T00:00:00+00:00http://shivasurya.me/categories/embeddings/2023-05-19T00:00:00+00:00http://shivasurya.me/categories/openai/2023-05-19T00:00:00+00:00http://shivasurya.me/tags/openai/2023-05-19T00:00:00+00:00http://shivasurya.me/categories/semantic-search/2023-05-19T00:00:00+00:00http://shivasurya.me/tags/semantic-search/2023-05-19T00:00:00+00:00http://shivasurya.me/categories/binary-exploit/2023-05-06T00:00:00+00:00http://shivasurya.me/tags/binary-exploitation/2023-05-06T00:00:00+00:00http://shivasurya.me/categories/friday-gems/2023-05-06T00:00:00+00:00http://shivasurya.me/tags/friday-gems/2023-05-06T00:00:00+00:00http://shivasurya.me/2023/05/06/exploit-education-heap-two-exercise-writeup/2023-05-06T00:00:00+00:00http://shivasurya.me/categories/reverse-engineering/2023-05-06T00:00:00+00:00http://shivasurya.me/tags/use-after-free/2023-05-06T00:00:00+00:00http://shivasurya.me/2023/05/05/exploit-education-heap-one-exercise-writeup/2023-05-05T00:00:00+00:00http://shivasurya.me/2023/04/28/exploit-education-format-heap-exercise-writeup/2023-04-28T00:00:00+00:00http://shivasurya.me/2023/04/21/exploit-education-format-four-exercise-writeup/2023-04-21T00:00:00+00:00http://shivasurya.me/2023/04/14/exploit-education-format-three-exercise-writeup/2023-04-14T00:00:00+00:00http://shivasurya.me/2023/04/07/exploit-education-format-two-exercise-writeup/2023-04-07T00:00:00+00:00http://shivasurya.me/2023/03/31/exploit-education-format-one-exercise-writeup/2023-03-31T00:00:00+00:00http://shivasurya.me/2023/03/25/CVE-2023-23397-vulnerability-deep-dive-and-poc/2023-03-25T00:00:00+00:00http://shivasurya.me/categories/vulnerability/2023-03-25T00:00:00+00:00http://shivasurya.me/tags/vulnerability/2023-03-25T00:00:00+00:00http://shivasurya.me/tags/windows/2023-03-25T00:00:00+00:00http://shivasurya.me/categories/active-directory/2023-03-17T00:00:00+00:00http://shivasurya.me/categories/hackthebox/2023-03-17T00:00:00+00:00http://shivasurya.me/tags/hackthebox/2023-03-17T00:00:00+00:00http://shivasurya.me/2023/03/17/hackthebox-active-writeup-oscp-active-directory/2023-03-17T00:00:00+00:00http://shivasurya.me/tags/oscp/2023-03-17T00:00:00+00:00http://shivasurya.me/categories/oscp-writeups/2023-03-17T00:00:00+00:00http://shivasurya.me/2023/03/10/exploit-education-format-zero-exercise-writeup/2023-03-10T00:00:00+00:00http://shivasurya.me/2023/02/26/exploit-education-stack-six-exercise-writeup/2023-02-26T00:00:00+00:00http://shivasurya.me/2023/02/24/hackthebox-jerry-writeup-oscp/2023-02-24T00:00:00+00:00http://shivasurya.me/categories/thursday-snack/2023-02-24T00:00:00+00:00http://shivasurya.me/2023/02/20/hackthebox-oscp-writeups/2023-02-20T00:00:00+00:00http://shivasurya.me/2023/02/14/hackthebox-bashed-writeup-oscp/2023-02-14T00:00:00+00:00http://shivasurya.me/tags/android/2023-02-10T00:00:00+00:00http://shivasurya.me/2023/02/10/android-webview-vulnerabilities-semgrep-rules-detection/2023-02-10T00:00:00+00:00http://shivasurya.me/2023/02/04/exploit-education-stack-five-exercise-writeup/2023-02-04T00:00:00+00:00http://shivasurya.me/2023/01/28/exploit-education-stack-four-exercise-writeup/2023-01-28T00:00:00+00:00http://shivasurya.me/2023/01/27/exploit-education-stack-three-exercise-writeup/2023-01-27T00:00:00+00:00http://shivasurya.me/2023/01/26/exploit-education-stack-two-exercise-writeup/2023-01-26T00:00:00+00:00http://shivasurya.me/2023/01/20/exploit-education-stack-one-exercise-writeup/2023-01-20T00:00:00+00:00http://shivasurya.me/2023/01/12/exploit-education-stack-zero-exercise-writeup/2023-01-12T00:00:00+00:00http://shivasurya.me/2023/01/06/exploit-education-lab-setup/2023-01-06T00:00:00+00:00http://shivasurya.me/2022/12/04/binary-search-overflow/2022-12-04T00:00:00+00:00http://shivasurya.me/categories/overflow/2022-12-04T00:00:00+00:00http://shivasurya.me/categories/programming/2022-12-04T00:00:00+00:00http://shivasurya.me/2022/11/28/android-content-provider-semgrep-detection/2022-11-28T00:00:00+00:00http://shivasurya.me/categories/client-security/2020-12-07T00:00:00+00:00http://shivasurya.me/2020/12/07/leetcode-xss/2020-12-07T00:00:00+00:00http://shivasurya.me/categories/server/2020-12-07T00:00:00+00:00http://shivasurya.me/tags/waf/2020-12-07T00:00:00+00:00http://shivasurya.me/tags/xss/2020-12-07T00:00:00+00:00http://shivasurya.me/categories/nodejs/2020-11-05T00:00:00+00:00http://shivasurya.me/2020/11/05/securing-express-server-part-1/2020-11-05T00:00:00+00:00http://shivasurya.me/about/http://shivasurya.me/books/http://shivasurya.me/llms-full.txthttp://shivasurya.me/projects/http://shivasurya.me/research/http://shivasurya.me/talks/http://shivasurya.me/writing/