Welcome! This is the main site for Halcyonic Security Research where I post on interesting (or random) Cybersecurity topics.
I’m a cyber security researcher and a composer/musician in my free time. I love doing CTFs and enjoy researching IoT/SCADA/ICS. As a security researcher I love finding bugs and exploring them, so if you find one here let me know!
- Towards Firmware Analysis of Industrial Internet of Things (IIoT)
- Standardized and Repeatable Technology Evaluation for CyberSecurity Acquisition
- Springer book chapter on “An Approach to Organizational Cybersecurity”
- IoDDoS- The Internet of Distributed Denial of Service Attacks: A Case Study on the Mirai Malware and IoT-Based Botnets
- TMT: Technology Matching Tool for SCADA Network Security
- Offensive Security Certified Professional | OSCP
- GIAC Penetration Tester | GPEN
In honor of social distancing, I will be hosting a remote quarantine CTF Thursday, April 2nd, 2020 from 6:00-9:00 PST. The CTF is completely free and presents five different web application security challenges. You can easily register here to secure your spot! Details Any way that you can find the flag is valid in my book. That …
Introduction In this edition of Zero-Day Research, I happen to come across a DOM-based Cross Site Scripting Vulnerability in ‘Mechanical Keyboard’s (MK’s) Famous Mechanical Keyboard Finder (Version 4.31)’ and helped their team verify the issue upon request. I have to give lots of kudos to the awesome security team at MK. They quickly responded and patched …
Prerequisites In this article, we are going to quickly discuss a ROP technique called ‘return to .text’ (ret2.text). Before you proceed to learn about this slightly more advanced topic, I recommend becoming extremely familiar with the following prerequisites before moving on: Exploiting Basic Buffer Overflows Return Oriented Programming (ROP) Return to LIBC Python Basic C …