River
  • Home
  • Archive
  • Categories
  • Tags
  • Search

  • 2026

  • 2026-01-27
    ROP Emporium: split

    Building a ROP chain to call system() with a custom string argument

  • 2026-01-25
    ROP Emporium: ret2win

    Classic buffer overflow exploiting a vulnerable read() to redirect execution to a win function

  • 2025

  • 2025-12-09
    WordPress XML-RPC Vulnerability Disclosure: Exposed Staging Environment

    Security analysis of XML-RPC misconfiguration and publicly accessible staging environment in WordPress deployment

  • 2025-07-18
    You Are Not a Victim of Fate

    Process Over Product

  • 2025-05-02
    picoCTF: Binary Instrumentation II

    Intercepting & monitoring Windows API calls to find a flag in a hidden buffer

  • 2025-05-01
    PicoCTF: Binary Instrumentation I

    Bypassing sleep functions using Frida

  • 2025-04-23
    picoCTF: FactCheck

    Reversing decompiled C++ code to extract a flag by tracing string manipulation logic

  • 2025-04-22
    HackTheBox: Imagery

    Abusing XSS, LFI, and misconfigured Linux permissions

  • 2025-04-22
    PicoCTF: WinAntiDbg0x300

    Bypassing an infinite debugger-killing loop by NOP'ing an unconditional jump

  • 2025-04-03
    picoCTF: WinAntiDbg0x200

    Further bypassing anti-debugging checks by editing register values

Page 1 of 3
Copyright © 2024-2026 River
  • Home
  • Archive
  • Categories
  • Tags
  • Search