Halcyonic Research – Our greatest accomplishments cannot be behind us, because our destiny lies above us. -Interstellar

Home

Welcome! This is the main site for Halcyonic Security Research where I post on interesting (or random) Cybersecurity topics.

About

About Me

I’m a cyber security researcher and a composer/musician in my free time. I love doing CTFs and enjoy researching IoT/SCADA/ICS. As a security researcher I love finding bugs and exploring them, so if you find one here let me know!

Publications

Certifications

Offensive Security Certified Professional | OSCP

GIAC Penetration Tester | GPEN

Blog

March 27, 2020July 9, 2020

2020 Quarantine CTF

In honor of social distancing, I will be hosting a remote quarantine CTF Thursday, April 2nd, 2020 from 6:00-9:00 PST. The CTF is completely free and presents five different web application security challenges. You can easily register here to secure your spot! Details Any way that you can find the flag is valid in my book. That …

Continue reading “2020 Quarantine CTF”

January 23, 2020July 9, 2020

Zero-Day Research: Mechanical Keyboard Finder Version 4.31

Introduction In this edition of Zero-Day Research, I happen to come across a DOM-based Cross Site Scripting Vulnerability in ‘Mechanical Keyboard’s (MK’s) Famous Mechanical Keyboard Finder (Version 4.31)’ and helped their team verify the issue upon request. I have to give lots of kudos to the awesome security team at MK. They quickly responded and patched …

Continue reading “Zero-Day Research: Mechanical Keyboard Finder Version 4.31”

September 30, 2019July 9, 2020

Return to .Text

Prerequisites In this article, we are going to quickly discuss a ROP technique called ‘return to .text’ (ret2.text). Before you proceed to learn about this slightly more advanced topic, I recommend becoming extremely familiar with the following prerequisites before moving on: Exploiting Basic Buffer Overflows Return Oriented Programming (ROP) Return to LIBC Python Basic C …

Continue reading “Return to .Text”