
A short update & Website update
I haven’t posted here in a while, so this is a short-ish update. In the last year or so I had little time to write, focusing on myself and my career. It turned out to be an incredible year in whic...

I haven’t posted here in a while, so this is a short-ish update. In the last year or so I had little time to write, focusing on myself and my career. It turned out to be an incredible year in whic...

Recall Last we left off, I had successfully built a working Pokémon Scanner, having understood the internals of the Pokémon Go protocol: the app communicates using client-server protobuf remote pr...

This year’s AppSec IL 2025 had a CTF accompanying it during the 3 days before the event. I participated alone (hence why my team was “Loner”), and ended up placing 4th! Much better results than I ...

I’m on the final challenge of the CTF! And what a wild ride it has been. But, before celebration begins, there’s still one puzzle left to solve. In this challenge, I got…Nothing? No link, no file...

The second exericse of the last episode features a fun little “Chrome-is-offline” game of the Project Zero team capturing bugs (and avoiding walls, I wonder if there’s an analogy there) at https://...

It’s episode 5, baby! This is the last one on this CTF, and what a road it has been so far! But, there are still (at least) 3 challenges left. First, as I learned the hard way previously, you hav...

Intro(spective) In the past two weeks, right after DEFCON uploaded the videos for this year’s talks, I decided to not procrastinate as I usually do. Instead, I sat down, watched the talks, and mad...

Wrapping up this episode’s challenges, in this one I get a hint: Look around the site to find out how to contribute. This made me remember that, while reviewing the code during the challenge,...

So as described in the previous challenge, I actually solved this one beforehand, and it’s pretty short and sweet. Clicking on the challenge link, it downloads a compressed folder containing an im...

Starting off episode 4, I learned from past mistakes and paid a bit more attention to the video. This time, it covers Google’s bug bounty program - an effort to pay white-hat hackers to catch the v...