xvnpw personal blog
All articles
- Create design documents with Fabric Oct 30, 2024
- Threat Modelling with Fabric Framework Jun 3, 2024
- Leveraging LLMs for Threat Modeling - Claude 3 Opus vs GPT-4 Mar 20, 2024
- Reviewing Your Architecture Using LLMs Oct 25, 2023
- Leveraging LLMs for Threat Modeling - GPT-3.5 vs Claude 2 vs GPT-4 Sep 3, 2023
- Leveraging LLMs for Threat Modeling - GPT-3.5 Aug 17, 2023
- Mitigating SSRF vulnerabilities in Go. A practical guide. Part 2 Aug 4, 2023
- Security Coding in Go. Input validation Aug 1, 2023
- Mitigating SSRF vulnerabilities in Go. A practical guide. Part 1 Jul 29, 2023
- Threat Modeling 101 Oct 19, 2022
- External Authentication bypass in ingress-nginx May 29, 2022
- Hunting for buggy authentication/authorization services on github Nov 28, 2021
- Bug bounty tips for nginx $request_uri path traversal bypass Nov 27, 2021
- Path traversal in authorization context in Kong and F5 NGINX Nov 25, 2021
- Path traversal in authorization context in Emissary Nov 24, 2021
- Path traversal in authorization context in Traefik and HAProxy Nov 23, 2021
- CVE-2021-43557: Apache APISIX: Path traversal in request_uri variable Nov 22, 2021
- Azure subscription security review Feb 1, 2021
- Hacking SpEL Jul 17, 2020
- From . in regex to SSRF - part 3 Jul 7, 2020
- From . in regex to SSRF - part 2 Jan 14, 2020
- From . in regex to SSRF - part 1 Jan 5, 2020