0xDEAD

HACK!

PWN3D

<
/>
{
}

Xclow3n

Chaos Engineer

Breaking stuff for fun & profit!
Also writing about it (sometimes) 💀

Senior Content Engineer @ Hack The Box

← TO ARMS
💣 BOOM! 💣

DANGER!

NEW!

HOT!

GRIMOIRE

Breaking Things & Taking Names

March 2026
RESEARCH

Testing AI for Vulnerability Research: 4 Approaches & Where I Failed

Tested 4 AI-assisted approaches for finding vulnerabilities over one week. Found real bugs — 14 confirmed vulns in one target in 20 minutes. Also burned time on an approach that found nothing useful. Honest breakdown of what worked and what didn't.

#AI
#Vulnerability Research
#SAML
#HTTP Smuggling
#Security
March 2026
RESEARCH

Breaking Pingora: HTTP Request Smuggling & Cache Poisoning in Cloudflare's Reverse Proxy

Found 3 HTTP request smuggling bugs and 1 cache poisoning vulnerability in Cloudflare's Pingora reverse proxy. All exploitable under default config. 3 CVEs, $5k bounty. Full technical breakdown and disclosure notes.

#HTTP Smuggling
#Cache Poisoning
#Cloudflare
#Pingora
#CVE
November 2024
RESEARCH

HTML Sanitize Bypass Using MXSS

Discovering how Mutation XSS (MXSS) can bypass the sanitize-html library due to differences between htmlparser2 and browser HTML parsers, allowing XSS attacks through style and math elements.

#Security Research
#MXSS
#XSS
#HTML Sanitization
#htmlparser2
November 2024
RESEARCH

Email Parser Discrepancy in Nodemailer

Discovering two email parsing issues in Nodemailer that could lead to email misrouting. The first was patched in v6.9.16, and the second was finally patched in v7.0.7 after I reported it as a security advisory.

#Security Research
#Nodemailer
#Email Parser
#RFC 5322
#GHSA-mm7p-fcc7-pg87
November 2024
MY CHALLENGES

Intergalactic Bounty - HTB University CTF 2024

Exploiting Nodemailer parser discrepancies, bypassing HTML sanitization with MXSS, and achieving RCE through prototype pollution file overwrite in this HTB University CTF 2024 challenge.

#CTF
#Web
#Nodemailer
#MXSS
#Prototype Pollution
#RCE