Sneaky write hook: git clone to root on k8s nodeKubernetes supports the concept of volumes (aka storage drivers). This concept makes it possible to extend or facilitate providing data to…Jul 8Jul 8
GitHub Enterprise Server vulnsThis is the follow up of my previous write up titled GitHub Bug bounty experiences: actions and CLI. I kept looking for GitHub…Feb 16Feb 16
Github bug bounty experiences — Actions and CLIGithub bug bounty program has celebrated its 9th birth day recently and I decided to try myself in that space.Sep 7, 2023Sep 7, 2023
DVB-D (DVB over DLNA)Disclaimer: the project I’m outlining here, is highly experimental —kind of a PoC. Also, DVB-D is not a consortium standard for broadcast…Apr 13, 2023Apr 13, 2023
Clipboard hazard with Google SheetsThis is an advisory about an interesting attack vector against Google Sheets that abuses embedded Sheets documents to exfiltrate content…Mar 25, 2022Mar 25, 2022
The Speckle Umbrella story — part 2Back then in January, I reported a vulnerability to Google that let me spawn a remote shell on Cloud SQL instances, both MySQL and…Oct 18, 2021Oct 18, 2021
Google Cloud Build — under the hoodThis story began shortly after I published an advisory about a DHCP related flaw that affected Google’s Compute Engine. Dávid Schütz…Sep 1, 2021Sep 1, 2021
The Nomulus riftIn the middle of 2020, I decided to look for vulnerabilities in some open source products of Google. They have many such projects, a public…Aug 24, 2021Aug 24, 2021
