Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Crow is an HTTP server written in a C++. While triaging a different vulnerability, they stumbled across an issue that required nothing special!

If a file was smaller than 16KB, then the request would be padded with information from the uninitialized stack buffer it was copied from. It is amazing that this information disclosure was never caught beforehand, since it was easy to trigger. Good bug find!