Injecting into mongodb databases.
Exploiting Web Socket vulnerabilities.
Circumventing web application client side controls.
Exploiting REST based API’s.
Identifying and exploiting CSP misconfigurations.
Exploiting SSRF vulnerabilities.
Modifying JWT values to elevate privileges.
Exploiting pre-existing RWX memory regions.
Attacking PAM and SSSD.
Targeting IBM’s Advanced Interactive eXecutive Operating System.
Modifying IV values to introduce backdoors in AES-GCM.
Unlocking TPM protected drives.