Writeup

A retrospection on a challenge or problem. How was the problem solved? What issues were encountered along the way? How were these issues dealt with?

Sharing is Caring: Arbitrary Code Execution for Breakfast

Binary exploitation in C++, gadget mania, and a new form of deserialization attack.

2025‑10‑03

10 minute read

Reverse Engineering a Siemens Programmable Logic Controller for Funs and Vulns (CVE-2024-54089, CVE-2024-54090 & CVE-2025-40757)

When security by obscurity breaks...

2025‑09‑12

9 minute read

Output-Invariant and Time-Based Testing – Practical Techniques for Black-Box Enumeration of LLMs

Abusing inherent context and sluggishness in LLMs for stealthy enumeration of prompt injection points.

2025‑05‑09

12 minute read

Dynamic Views Loading – Abusing Server Side Rendering in Drogon

What could go wrong releasing a C++ web server with "live reload" into the wild?

2024‑08‑18

8 minute read

Automating Boolean-Based SQL Injection with Python

How to be efficiently lazy at finding hidden gems in predictable places – Database Edition

2024‑08‑10

5 minute read

Optimising Web Icons for Fun

Ejecting unused cargo for leaner performance.

2024‑05‑23

6 minute read

HKCERT CTF 2023 – Decompetition: Vitamin C++

A beginner-friendly writeup to reverse-engineering C++ a lá decompetition. Years of complex shenanigans condensed!

2023‑11‑16

8 minute read

Site Updates and Migration to Cloudflare Pages

Improvements, Optimisations, and a Better Stack with Cloudflare Hosting

2023‑11‑09

6 minute read

_^N[Subtype Metaprogramming_^] is _^N[Mostly Harmless_^]

Inheritance go brrrrrrrr... abusing turing-complete typesystems to write fun programs in Python.

2023‑10‑02

8 minute read

HITCON 2023 – The Blade

Beginner-friendly writeup for a nifty Rust reversing challenge.

2023‑09‑20

6 minute read

DUCTF 2023 – Wrong Signal

You straight to oops(). Right away.

2023‑09‑04

2 minute read

Site Migration to Eleventy

JavaScript go brrrrrrrrr.

2023‑02‑04

3 minute read

Remorse

Hiding messages with counterpoint.

2023‑01‑27

2 minute read

AOC 2021 Day 22 – Reactor Reboot

Reboot reactors from a submarine using set theory.

2022‑12‑02

6 minute read

HKCERT CTF 2022 – C++harming Website

A harming website? Hope it doesn't harm my sleep!

2022‑11‑15

4 minute read

HKCERT CTF 2022 – Base64 Encryption

Frequency analysis with a touch of heuristics.

2022‑11‑14

3 minute read

DownUnderCTF 2022 – ezpz-rev

Grid puzzles aren't that easy.

2022‑09‑28

6 minute read

AOC 2021 Day 24 – No U

Finally a reverse engineering challenge in Advent of Code.

2022‑08‑25

4 minute read

AOC 2021 Day 16 – Parser Combinator Fun

Decoding packets with monads.

2022‑08‑23

5 minute read

TAMUctf 2022 – CTF Sim

Oops, your vpointer was redirected.

2022‑04‑24

6 minute read

TAMUctf 2022 – Labyrinth

Using CFGs to solve a control-flow maze.

2022‑04‑22

4 minute read

Related Tags

Writeup

Sharing is Caring: Arbitrary Code Execution for Breakfast

Reverse Engineering a Siemens Programmable Logic Controller for Funs and Vulns (CVE-2024-54089, CVE-2024-54090 & CVE-2025-40757)

Output-Invariant and Time-Based Testing – Practical Techniques for Black-Box Enumeration of LLMs

Dynamic Views Loading – Abusing Server Side Rendering in Drogon

Automating Boolean-Based SQL Injection with Python

Optimising Web Icons for Fun

HKCERT CTF 2023 – Decompetition: Vitamin C++

Site Updates and Migration to Cloudflare Pages

N[Subtype Metaprogramming] is N[Mostly Harmless]

HITCON 2023 – The Blade

DUCTF 2023 – Wrong Signal

Site Migration to Eleventy

Remorse

AOC 2021 Day 22 – Reactor Reboot

HKCERT CTF 2022 – C++harming Website

HKCERT CTF 2022 – Base64 Encryption

DownUnderCTF 2022 – ezpz-rev

AOC 2021 Day 24 – No U

AOC 2021 Day 16 – Parser Combinator Fun

TAMUctf 2022 – CTF Sim

TAMUctf 2022 – Labyrinth

_^N[Subtype Metaprogramming_^] is _^N[Mostly Harmless_^]