-
August 5, 2024
CVE-2024-41808 - Unauthenticated log injection to account takeover
-
July 20, 2024
PNG to RCE: Faking files to bypass server side validation
-
June 18, 2024
CVE-2024-37893 - MFA bypass in OAuth flow may lead to compromise of Firefly III data
-
December 28, 2023
Discord bot sharding & clustering
-
December 24, 2023
How we almost ruined Christmas (and lost 1.95 million database records)
-
October 6, 2023
Fun with USB rubber duckies
-
September 19, 2023
A short dive into Fire and Emergency NZ's callout rates
-
September 18, 2023
CVE-2023-41885 - Piccolo time based user enumeration
-
July 22, 2023
Lets talk time based user enumeration
-
June 19, 2023
My adventures building a passwordless platform - Part 1
-
June 12, 2023
NZCSC 2023 Writeups
-
June 1, 2023
My new site