Archives
All the articles I've archived.
-
The Chrome Extension Economy, and How Trust Gets Hijacked
I bought 16 Chrome extensions as part of this research. What stood out was how easy it was to inherit trust, installs, and a path to ship code through a channel users already trusted.
-
Shipping ClipShield, a Browser Extension That Blocks ClickFix and Clipboard Attacks
A practical dev log on why I built ClipShield, how it detects clipboard attack chains, and why I kept it zero telemetry and open source.
-
Inside a Low-Budget Spyware Operation
A case study on uncovering a low-budget mobile spyware operation, mapping exposed infrastructure, and documenting the operator's mistakes.
-
How I found an infinite money bug in a rewards platform
A business logic case study on finding and bypassing an employee rewards flaw that let points be reclaimed after they were spent.
-
How we got code execution on a government satellite system
A case study on turning a public lead into command execution on a NOAA polar orbit ingestion system and responsibly disclosing the issue.