[~]$ whoami?

Security engineer and researcher. eBPF security, EDR internals, and threat intelligence. Breaking things at the kernel level and hunting threat actors across phishing infrastructure.

Featured Research

CVE-2025-32324: Android ActivityManagerShellCommand Authentication Bypass Leading to LaunchAnyWhere

Deep analysis of CVE-2025-32324, a critical authentication bypass vulnerability in Android’s ActivityManagerShellCommand …...

 · 12 min read

eBPF JIT Compiler Internals: Understanding Constant Blinding Implementation

Deep dive into eBPF’s constant blinding mechanism - a security defense against JIT-spray attacks in the Linux kernel....

 · 16 min read

How Attackers Are Weaponizing OAuth to Silently Take Over Microsoft Outlook Accounts

Investigation into sophisticated OAuth phishing campaigns targeting Microsoft Outlook accounts that bypass traditional …...

 · 7 min read