Welcome! This is the main site for Halcyonic Security Research where I post on interesting (or random) Cybersecurity topics.
I’m a cyber security researcher and a composer/musician in my free time. I love doing CTFs and enjoy researching IoT/SCADA/ICS. As a security researcher I love finding bugs and exploring them, so if you find one here let me know!
- Towards Firmware Analysis of Industrial Internet of Things (IIoT)
- Standardized and Repeatable Technology Evaluation for CyberSecurity Acquisition
- Springer book chapter on “An Approach to Organizational Cybersecurity”
- IoDDoS- The Internet of Distributed Denial of Service Attacks: A Case Study on the Mirai Malware and IoT-Based Botnets
- TMT: Technology Matching Tool for SCADA Network Security
- Offensive Security Certified Professional | OSCP
- GIAC Penetration Tester | GPEN
Today we will be walking through the ‘Looking Glass’ web challenge from HackTheBox. This specific challenge is quite simple but provides great insight into common web security flaws that you might find in custom-built applications. HackTheBox is an online platform that hosts various penetration testing challenges ranging anywhere from binary exploitation, web security, Windows Active …
In honor of social distancing, I will be hosting a remote quarantine CTF Thursday, April 2nd, 2020 from 6:00-9:00 PST. The CTF is completely free and presents five different web application security challenges. You can easily register here to secure your spot! Details Any way that you can find the flag is valid in my book. That …
Introduction In this edition of Zero-Day Research, I happen to come across a DOM-based Cross Site Scripting Vulnerability in ‘Mechanical Keyboard’s (MK’s) Famous Mechanical Keyboard Finder (Version 4.31)’ and helped their team verify the issue upon request. I have to give lots of kudos to the awesome security team at MK. They quickly responded and patched …