vavkamil@localhost:~$

Hi 👋,

welcome on my personal website! “This is it… this is where I belong…” I know everyone here… even if I’ve never met them, never talked to them, may never hear from them again… I know you all…

Latest post

Bookmarklet hijacking

26 October 2023

I noticed an exciting link shared on Hacker News titled “Wait, what’s a bookmarklet?”. I have been using them for a long time, and while reading that discussion, it was nice to see people sharing useful ones they use to make their everyday tasks easier. The security engineering mind got...

Recent posts

WordPress Plugin Confusion: How an update can get you pwned

25 November 2021 tl;dr: Like the novel “Dependency Confusion” supply chain attack, it...

Analysis of the Fake Trezor Mobile Wallet app in the Play Store

14 April 2021 tl;dr: I analyzed the fake Trezor Android application on Google...

Exploiting remote DoS vulnerability in my not-so-smart TV

11 March 2021 tl;dr: I found a remotely exploitable DoS vulnerability in my...