Projects & Research Vault
Vulnerability Researcher and Software Developer, focusing on OS Internals and Low-Level Reverse Engineering. Below are the key milestones of my core research:
📈 Research Evolution & Milestones
Articles
The Permission Paradox
May 28, 2026
This article is currently undergoing active research and write-up. It explores running Native C/C++ UI via `/d...
Android Bootstrap Hijacking
May 27, 2026
Many Android users and developers are unaware that the "Android world" doesn't actually exist the moment the d...
Browser Privilege Boundary: When AI Becomes an Agent
May 19, 2026
Historically, browsers operated as a single monolithic process with direct I/O and CPU access. Modern...
Frida in Race - UnCrackable Level 2
April 28, 2026
Frida acts as a Black Box dynamic instrumentation tool, injecting a hook that redirects execution to a JavaScr...
Flatpak - Linux Sandbox Isolation
March 29, 2026
Flatpak utilizes bubblewrap to provide robust OS-level isolation. However, this breaks legacy IPC mechanisms l...
JNI as (Un-)Safe Bridge
March 26, 2026
Java relies on the JVM for memory management, utilizing heavy Metadata to protect references. To restore execu...
Why Running a Malware Lab Pushed Me to Fedora Kinoite
December 30, 2025
Building a local Malware Analysis lab quickly exposed RAM and CPU bottlenecks when running multiple VMs alongs...
V8 Engine's (Dis-)Security
December 24, 2025
Every Computer Science student knows the world is divided into two - compilers and interpreters - or in WEB te...
The Life of a Packet: From Application to Routing
December 18, 2025
Deconstructing the network stack: HTTP relies on TCP for stateful tracking, while DNS uses UDP for stateless r...
Projects
Data Hop Firewall: Framework Fingerprinting Prevention in Rust & Envoy
March 8, 2026
Analyzing fallback routing constraints on enterprise application infrastructures; mitigating verbose default ASP.NET framework blueprint leakage via infrastructure-level Wasm filtering.
DNS Rebinding & LANjack: Architectural Mitigation
April 26, 2026
Following GeoEdge's exposure of the LANjack campaign, where attackers exploit unsecure DNS servers to turn bro...
Web API Diagnostics: Looking Behind the UI Freeze
April 16, 2026
During the critical "Mehir Lamishtaken" registration, the UI completely froze. Instead of accepting it, I inte...
Project MyLeads AI: Secure-by-Design SaaS Architecture
March 9, 2026
MyLeads AI implements a "Dark Server" infrastructure, exposing 0.0.0.0/0 blocked inbound ports. Ingress traffi...
DroneSpy: Multi-Stage Core Network CTF Framework
June 17, 2025
Project DroneSpy is a multi-stage CTF framework managed by a robust core server, consisting of over 7,000 line...
Scapy-TLS-Packet-Crafter: Custom TLS 1.2 Handshake Generation
June 17, 2025
Developed during reserve duty, this 4,030-line Python project simulates a full TLS 1.2 handshake from scratch ...
Breaking the Compilation Boundary: Semantic Fuzzing of the SBCL Runtime
July 2025
The core hypothesis originated during an academic project for the Nand2Tetris curriculum, where I engineered a...
Writeups
UnCrackable Level 2 - Mobile Security Writeup
April 30, 2026
The `MainActivity` calls a Native function `bar` passing a byte array, stripping memory protections via JNI...
UnCrackable Level 1 - Mobile Security Writeup
April 22, 2026
The `onCreate` method immediately executes Root and Debug detection checks. The Root checks analyze the `PATH`...
Desktop RE Writeup: Multi-Stage DLL Decryption
April 19, 2024
Static analysis of `crack.dll` revealed `IsDebuggerPresent` checks executed via TLS Callbacks before `main`...
Desktop RE Writeup: PE Extraction & Patching
February 29, 2024
1. PE Carving: Analyzing a suspicious PDF in a Hex Editor revealed an embedded PE signature (`4D 5A`). I carved...