posts

home | posts | projects | hardware | contact

Infostealers _{^{(external link)}}

A talk I gave at ChCon about infostealers. _{October 31st 2025}

Stealer Logs Part 2 (NZ's most common passwords) _{^{(external link)}}

An article analysing a sample of New Zealand passwords from infostealer logs. _{April 4th 2025}

Silverstripe - Zero-click to account takeover _{^{(external link)}}

An advisory regarding an account takeover on websites using the Silverstripe CMS, taking advantage of Microsoft SafeLinks' automated link scanning. _{January 21st 2025}

Deadlock - Player IP address disclosure

A write-up for my first bug bounty, where <img> tags in Deadlock's in-game chat disclosed IP addresses of all players in the lobby. _{December 16th 2024}

posts

home | posts | projects | hardware | contact

Infostealers (external link)

Stealer Logs Part 2 (NZ's most common passwords) (external link)

Silverstripe - Zero-click to account takeover (external link)

Deadlock - Player IP address disclosure

Infostealers _{^{(external link)}}

Stealer Logs Part 2 (NZ's most common passwords) _{^{(external link)}}

Silverstripe - Zero-click to account takeover _{^{(external link)}}