00·operator profile
xclow3n
breaks stuff for fun & profit.
also writes about it, sometimes.
research·writeups·ctf·web
02·archive06 entries·since 2024·latest march 2026
grimoire
quickhacks, research, writeups.
filter:
01
latest2026.03·research
Testing AI for Vulnerability Research: 4 Approaches & Where I Failed→
Tested 4 AI-assisted approaches for finding vulnerabilities over one week. Found real bugs - 14 confirmed vulns in one target in 20 minutes. Also burned time on an approach that found nothing useful. Honest breakdown of what worked and what didn't.
#AI#Vulnerability Research#SAML#HTTP Smuggling#Security
02
2026.03·research
Breaking Pingora: HTTP Request Smuggling & Cache Poisoning in Cloudflare's Reverse Proxy
#HTTP Smuggling#Cache Poisoning#Cloudflare#Pingora+1
→
03
2024.11·research
HTML Sanitize Bypass Using MXSS
#Security Research#MXSS#XSS#HTML Sanitization+1
→
04
2024.11·research
Email Parser Discrepancy in Nodemailer
#Security Research#Nodemailer#Email Parser#RFC 5322+1
→
05
2024.11·challenges
Intergalactic Bounty - HTB University CTF 2024
#CTF#Web#Nodemailer#MXSS+2
→
06
2024.11·challenges
EncoDecept - HTB University CTF 2024
#CTF#Web#Cache Deception#XSS+2
→