How I built a collection of minimal, hardened container images that rebuild daily using Chainguard's open source tooling - and why your containers probably have more CVEs than they should.
Brief breakdown of three CVEs I found in Mailpit, Deno, and Fast-JWT — and how tiny oversight leads to security vulnerabilities.
Playing with hooks to hide processes from commands like ps or top
A detailed account of discovering security vulnerabilities in Maruti Suzuki's dealer CRM system that exposed sensitive customer and dealer data.
Learn how to intercept Docker API requests through UNIX sockets using Burp Suite and socat for security testing and debugging.