hakim

Did you know that running Chromium with these two flags --disable-web-security & --single-process ANY website can access your local files. mwlik.github.io/2025-08-11-rea…

I am actually very interested in puzzle design! I spent some time a few years ago working on CTF.guide which (I hoped) would help CTF authors write non-guessy challenges. So I decided to make a "exploratory" style challenge (a collection of a few easy problems) 7/🧵

So this happened a couple of months ago, but we reported an account takeover - in a multimillion users entertainment platform - that earned us $4,500 (Collaborated with @Mr_nyly & @S0nG0ku_H). since it's a private program, I can't disclose a thing, but here are some takeaways 👇

IP whitelisting is fundamentally broken. At @assetnote, we've successfully bypassed network controls by routing traffic through a specific location (cloud provider, geo-location). Today, we're releasing Newtowner, to help test for this issue: github.com/assetnote/newt…

CVE-2025-30466: Safari <18.4 UXSS to bypass Same-Origin Policy with CVSS of Critical 9.8 🔴 ;) support.apple.com/en-us/122379#:…

@orange_8361 Congrats 🍊

I don't have OSCP—instead, I have OSEE! 🎉

Overflows? In my runtime? More likely than you think bernsteinbear.com/blog/overflow-…

Launching a student-only free workshop: ".NET Exploitation Basics" 🪲 If you're a student (or know one), let's write some deserialization exploits, Manchester, July 12. 10 seats. summoning.team/free-training-…

@S1r1u5_ spot on! makes it pretty easy to quickly test a wild idea in the most obscure programming language.

man, i’m genuinely grateful for GPTs. they've amplified the way I think by 10x, my thoughts are generally bottlenecked by language, but these models help me articulate ideas so much more clearly.

🔥 A new (more difficult) era for mXSS will come soon! If nothing breaks, Chromium will start escaping "<" and ">" in attributes starting with M138. See chromestatus.com/feature/626498… for details.

I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame", at #BHUSA! This is going to be epic, check out the abstract for a teaser ↓↓↓

this is sick!

New blogpost! Want to see how we exploited @Synology network-attached-storage devices at Pwn2Own Ireland? RCE to root via out-of-bounds NULL-byte writes, click the embed for a fun little writeup of CVE-2024-10442 🔎🎉 blog.ret2.io/2025/04/23/pwn…

Introducing Deep Research for arXiv Ask questions like 'What are the latest breakthroughs in RL fine-tuning?' and get comprehensive lit reviews with trending papers automatically included Turn hours of literature searches into seconds with AI-powered research context ⚡

I think everyone had enough fun with it that we can now remove this feature 😊

This is an excellent finding and analysis by @stephenfewer attackerkb.com/topics/G5s8ZWA…. Reminds me of @orange_8361’s recent work. Poetic RCE.

Unrestrict the restricted mode for USB on iPhone. A first analysis @citizenlab #CVE-2025-24200 👉 blog.quarkslab.com/first-analysis…

Just finished my writeup about CVE-2025-23369, an interesting SAML authentication bypass on GitHub Enterprise Server I reported last year. you can read about it here: repzret.blogspot.com/2025/02/abusin…

I have posted a writeup for a challenge I authored recently that exploits Django's flatpages, read it here: github.com/hakivvi/CTF-Wr…

turns out i pushed somehow an almost empty gem to RubyGems as 0.1.0, just fixed that and added build config for MacOS x64 systems. github.com/hakivvi/frida-…