n8n CVE-2025-68613: When Workflow Automation Goes Wrong
A comprehensive look at CVE-2025-68613 in n8n - how expression injection can lead to remote code execution and what you can do to protect yourself.
cve n8n rce security
Reverse Engineer & Malware Analyst
Windows internals · unpacking · dynamic analysis
I break binaries to understand how malware evades detection. Each analysis documents the methodology: which hypotheses failed, why specific tools proved effective, and how evasion techniques actually work.
The focus is on unpacking protected executables, defeating anti-analysis measures, and making reverse engineering decisions transparent. Analysis over speculation.
Member of k0mrads CTF team
Get notified when I publish new analysis. No spam, unsubscribe anytime.
Analytical Focus
Featured Technical Analysis
Static Analysis of ELF x86 Binary - RootMe Challenge
Systematic reverse engineering approach for unprotected ELF binaries using static analysis techniques and Ghidra decompilation
static-analysis ghidra elf reverse-engineering
TryHackMe: Web Attack Forensics - Drone Alone
A comprehensive blue team investigation walkthrough of the TryHackMe Web Attack Forensics room, analyzing malicious web activity and command injection attacks using Splunk.
tryhackme forensics blue-team splunk
NahamCon Winter CTF 2025: Mobile Security Challenge Writeups
Detailed writeups for mobile security challenges from NahamCon Winter CTF 2025, covering Android APK reverse engineering, vulnerability analysis, and exploitation techniques.
nahamcon ctf mobile-security android
Static Analysis
Pure disassembly and no-execution analysis using Ghidra, IDA, and decompilation techniques
Mastering Obfuscation Principles - TryHackMe Writeup
A comprehensive guide to understanding obfuscation techniques for malware evasion, from basic concatenation to advanced control flow manipulation. Learn how attackers hide their code and how defenders can spot these techniques.
Static Analysis of ELF x86 Binary - RootMe Challenge
Systematic reverse engineering approach for unprotected ELF binaries using static analysis techniques and Ghidra decompilation
Advent of CTF 2025: Day 4 - The Elf's Wager
Reverse engineering challenge involving static analysis of a stripped ELF binary with anti-debugging measures and XOR-based authentication.
x86 Architecture for Malware Analysis - TryHackMe Writeup
A comprehensive guide to x86 CPU architecture fundamentals essential for malware reverse engineering. Learn about registers, memory layout, and stack operations that form the foundation of system exploitation.
Vulnerability & Exploitation Research
CVE analysis and exploit technique research
cURL Exploitation - Hoperation Eggsploit TryHackMe
A hands-on walkthrough of TryHackMe's cURL exploitation room - learning HTTP requests, POST data, cookies, sessions, and brute force attacks from the command line.
n8n CVE-2025-68613: When Workflow Automation Goes Wrong
A comprehensive look at CVE-2025-68613 in n8n - how expression injection can lead to remote code execution and what you can do to protect yourself.
Django CVE-2025-64459: ORM Query Injection Explained
A friendly walkthrough of Django CVE-2025-64459 - understanding and exploiting ORM query parameter injection vulnerabilities in web applications.
Forensics & Incident Analysis
Log analysis, network forensics, and attack reconstruction case studies
Advent of CTF 2025: Day 2 - The First Strike
Network forensics challenge analyzing FTP traffic to identify compromised credentials during a Krampus Syndicate intrusion attempt.
TryHackMe: Web Attack Forensics - Drone Alone
A comprehensive blue team investigation walkthrough of the TryHackMe Web Attack Forensics room, analyzing malicious web activity and command injection attacks using Splunk.
Reverse Engineering Notes
View all notes →Short observations, pattern notes, and methodology tips from analysis work.
Binary Security Mechanisms
Overview of modern binary security protections and bypass techniques
What is the Heap
Understanding heap memory allocation and its characteristics
Heap Exploitation Techniques
Common heap exploitation methods including overflow and use-after-free
Recent Activity
A comprehensive guide to x86 CPU architecture fundamentals essential for malware reverse engineering. Learn about registers, memory layout, and stack operations that form the foundation of system exploitation.
tryhackme x86-architecture malware-analysis
A comprehensive guide to understanding obfuscation techniques for malware evasion, from basic concatenation to advanced control flow manipulation. Learn how attackers hide their code and how defenders can spot these techniques.
tryhackme obfuscation malware-analysis
A comprehensive walkthrough of TryHackMe's Cyber Kill Chain room, exploring each phase of cyber attacks from reconnaissance to actions on objectives, plus a real-world analysis of the Target data breach.
tryhackme cyber-kill-chain cybersecurity
A hands-on walkthrough of TryHackMe's cURL exploitation room - learning HTTP requests, POST data, cookies, sessions, and brute force attacks from the command line.
tryhackme curl web-hacking
A comprehensive look at CVE-2025-68613 in n8n - how expression injection can lead to remote code execution and what you can do to protect yourself.
cve n8n rce
Web exploitation challenge targeting a malicious e-commerce platform with cookie manipulation and privilege escalation vulnerabilities.
ctf advent-of-ctf web-exploitation