CVE-2025-25205
Auxiliary scanner module detecting a vulnerable Audiobookshelf instance.
View pull requestsSecurity research
I build privacy-first software — then I try to break it.
Authorized penetration testing, CVE detection modules submitted to the Metasploit Framework, and peer-reviewed research. Everything here is lab-verified and benign — the goal is to prove a defense holds, not just to claim it does.
Open source
Metasploit detection modules
Auxiliary scanner modules authored and submitted to the Metasploit Framework (Rapid7).
CVE-2025-29927
Detection for the Next.js middleware authorization bypass.
View pull requestsCVE-2026-42208
Detection for an unauthenticated SQL injection in LiteLLM.
View pull requestsField notes
Penetration testing writeups
Technical · 25 min
How I Tried to Break My Own Encrypted Journaling App — Ten Times
An authorized, ten-round penetration test of MoodHaven Journal — 65+ targets, 41 confirmed-and-fixed vulnerabilities, and the bespoke tooling it took to prove the encryption actually holds.
Read Technical · 13 min
So We Rooted the Phone and Went Deeper
The unrooted phone told us our encryption held. Root let us check whether we were telling ourselves the truth. We weren't, entirely — and that was the point.
Read Technical · 10 min
I Tried to Break Into My Own Journaling App on an Unrooted Pixel 9
A weekend attacking my own encrypted journaling app. The only foothold I got was my own debug build, my standard MITM playbook failed completely, and figuring out why taught me the most.
Read Technical · 9 min
Changing a Password Is a One-Liner — Unless You Encrypt Everything
Crash-safe master-password rotation in a zero-knowledge journaling app: re-encrypting across two layers and two runtimes with a single atomic flip a kill -9 can't corrupt.
ReadPeer-reviewed
Published research
International Journal of Advanced Computer Science and Applications (IJACSA)
- Building a Penetration Testing Device for Black Box Using Modified Linux for Under $50
- Wi-Fi Redux: Never Trust Untrusted Networks