dubell.io

2025

Artifical Intelligence • 6 min read

Stop using chat interfaces for your command line interfaces!

Artifical Intelligence • 11 min read

Leveraging BM25 and Vector Search in a Local RAG Application

Steganography • 3 min read

Unicode's Secret Compartment: The Variation Selector Trick

Artificial Intelligence • 6 min read

So you want to run AI models locally?

2024

Advisories • 1 min read

DLL Hijacking in MobilePASS version 8.4.4.99

Advisories • 1 min read

Server-Side Request Forgery in HikCentral Professional <= V2.5.1

Programming • 9 min read

Rusty Beginnings: Error Handling in Rust

2023

Career • 9 min read

Hacking the Success Code: 6 Habits Every Penetration Tester Must Have

Development • 2 min read

Supercharge Your Integration Tests with the Power of Docker

Career • 3 min read

Learn AI or Get Left Behind

Development • 4 min read

Deploying Django with Github Actions and Docker

2022

Penetration Testing • 4 min read

Should you take a black box approach or a white box approach in penetration testing?

Appsec • 7 min read

Measuring attack paths in web applications

Appsec • 7 min read

My thoughts on Secure Code Review

Appsec • 2 min read

Python gems to look out for

Advisories • 2 min read

Unauthenticated LFI in Appwrite 0.5.0 <= 0.12.1

2021

AppSec • 3 min read

Overwriting HttpOnly cookies with Javascript

2020

Malware-Analysis • 11 min read

Technical Analysis Of The Necr0 Python Malware

Programming • 4 min read

SLAE 7: Creating your own crypter using golang

Programming • 8 min read

SLAE 6: Creating polymorphic shellcode

Programming • 14 min read

SLAE 5: Analyzing shellcode generated by msfvenom

Programming • 5 min read

SLAE 4: Custom encoder for bypassing signature based detection

Programming • 10 min read

SLAE 3: Egg hunting in Linux x86 Assembly

Programming • 7 min read

SLAE 2: Creating a reverse TCP shell in x86 Assembly

Programming • 18 min read

SLAE 1: Creating a bind shell in x86 Assembly

2019

CTF • 4 min read

Hack The Box - Olympus Writeup

Research • 7 min read

Security Recommendations For Implementing BankID

Certification • 7 min read

My OSCP Review

2017

CTF • 3 min read

SEC-T CTF - G1bs0n Writeup

CTF • 4 min read

UIUCTF - Are we out of the woods yet? Reversing 350p

CTF • 2 min read

VolgaCTF - Share Point writeup

CTF • 3 min read

VolgaCTF - Bloody Feedback writeup

CTF • 0 min read

Chalmers CTF

2016

CTF • 3 min read

SEC-T CTF - Confusion Writeup

Hacking • 5 min read

Exploiting weak Content Security Policy (CSP) rules for fun and profit

Network Security • 10 min read

Creating SYN flood attacks with Python

System Administration • 2 min read

Monitoring your server with Monit

CTF • 2 min read

Securityfest CTF - Defacer Challenge Writeup

CTF • 12 min read

Securityfest CTF - Coresec challenge writeup

Hacking • 2 min read

Using Amazon S3 for your static site? One thing to keep in mind

2015

Network Security • 1 min read

Basics of netstat

CTF • 2 min read

LogRhythm's Blackhat challenge - Write up

Gaming • 1 min read

Alien: Isolation

Steganography • 3 min read

Digital Steganography

System Administration • 1 min read

Dashing Dashboard

Thoughts • 5 min read

No Such Agency