Step-by-step walkthrough of identifying UART pins on a consumer IoT gateway, dumping the firmware, and extracting credentials from the filesystem.
Penetration Testing & Security Research
Practical security research
for the real world
Writeups, tooling, and techniques from active IoT, web, and infrastructure assessments. No filler — just what works in the field.
// Latest posts
How we chained a blind SSRF vulnerability with an IDOR in a SaaS platform's internal API to read files belonging to arbitrary tenants — and collected a $25,000 bug bounty.
Full walkthrough of a real internal engagement — LLMNR poisoning for initial creds, Kerberoasting for a service account, and DCSync for the keys to the kingdom.
How to design, execute, and debrief a phishing simulation campaign that measurably improves security awareness — without destroying trust or demoralising your team.
Updated guide to defeating certificate pinning in Android apps — covering OkHttp, Conscrypt, and custom pinning implementations — using Frida scripts in 2026.