Finding memory bugs in Apple's WebKit, mostly without me
How I built an LLM-assisted pipeline to hunt memory safety bugs in WebKit, the eight CVEs it turned up across two Safari release cycles, and where a human still has to take over.
Security Engineer. Notes on security research, exploitation and CTFs.
How I built an LLM-assisted pipeline to hunt memory safety bugs in WebKit, the eight CVEs it turned up across two Safari release cycles, and where a human still has to take over.
My solve for Santify, a web challenge from 37C3 Potluck CTF 2023.
How DNS rebinding defeats IP-based SSRF filters.