Spaceraccoon's Blog

InfoSec and White Hat Hacking

2024

Feb 4

Back to the (Clip)board with Microsoft Whiteboard and Excalidraw in Meta (CVE-2023-26140)

web code review desktop

2023

Apr 8

Rule Writing for CodeQL and Semgrep

dev code review

2022

Dec 17

I Hope This Sticks: Analyzing ClipboardEvent Listeners for Stored XSS

web code review

Sep 19

Challendar: Creating a Challenge for The Infosecurity Challenge 2022

dev web code review

Aug 29

Exploiting Improper Validation of Amazon Simple Notification Service SigningCertUrl

cloud web code review

Feb 3

Solving DOM XSS Puzzles

web code review

2021

Nov 26

The InfoSecurity Challenge 2021 Full Writeup: Battle Royale for $30k

desktop binary reverse engineering dev code review web android api red team

Sep 29

All Your (d)Base Are Belong To Us, Part 1: Code Execution in Apache OpenOffice (CVE-2021-33035)

desktop binary reverse engineering fuzzing code review

Sep 17

Down the Rabbit Hole: Unusual Applications of OpenAI in Cybersecurity Tooling

dev ai code review reverse engineering

2020

Dec 23

Supply Chain Pollution: Hunting a 16 Million Download/Week npm Package Vulnerability for a CTF Challenge

web code review

Aug 14

Open Sesame: Escalating Open Redirect to RCE with Electron Code Review

desktop code review reverse engineering