Writeups
Structured vulnerability reports and technical documentation from authorized testing.
Brute-Force Vulnerability — Missing Rate Limiting
Authentication endpoint with no rate limiting, allowing unlimited login attempts. Identified during authorized internship testing.
Improper Server-Side Input Validation
Missing server-side validation on user_type field accepted arbitrary values through direct API requests, affecting data integrity.
The Night My Network Finally Lit Up
January 2026
A real-world engineering story about troubleshooting a CCTV system that revealed deeper networking concepts including PoE power issues, IP conflicts, CGNAT limitations, IPv6 connectivity, DDNS automation, and building a small Android tool to solve remote access challenges.
Read Writeup