_                     __               _     ___  
| |                   / _|             | |   / _ \ 
| |__   __ _  ___ ___| |_ _ __ ___  ___| | _| | | |
| '_ \ / _` |/ __/ _ \  _| '__/ _ \/ __| |/ / | | |
| | | | (_| | (_|  __/ | | | |  __/\__ \   <| |_| |
|_| |_|\__,_|\___\___|_| |_|  \___||___/_|\_\\___/ 

root@hacefresko:~$ ./blog.sh


[ info ]

A personal blog about my journey into bug hunting and vuln research.


[ posts ]

[2024-04-06] Accessing +700,000 users data and reading files on a Solr endpoint ...... web, bugbounties
[2022-02-11] Finding an RCE in the TP-Link tapo c200 camera ................................. iot, 0day
[2021-10-26] Exploiting an SSTI in LiquidJS to read any file in the server ........... web, bugbounties


[ CVEs ]

[CVE-2024-2188] TP-Link archer ax50 stored XSS via UPnP ........................... [advisory][exploit]
[CVE-2021-4045] TP-Link tapo c200 unauthentiacted RCE ............................. [advisory][exploit]


[ social ]

$ email
$ twitter
$ github
$ hackerone
$ bugcrowd