The list of blog posts below has something to do with my research in the field of cybersecurity. Think of it as a hobby!
- Server-Side Request Forgery to Internal SMTP Access (Google scholar)
- Semgrep + CSRF Detection in WordPress Plugs
- Mengeksekusi PE dalam Proses Jarak Jauh Series Episode #1
- Kerentanan Deserialisasi Cookie DotNetNuke — RCE di DotNetNuke redacted.mil (CVE-2017–9822)
- Penetration Tester iOT Machine Bank How I Takeover a Machine Kaltimtara used Credentials Database
- Kerentanan URL Redirection to Untrusted Site (‘Open Redirect’) Vulnerability (CVE-2023–24044)
- Kerentanan CVE-2022–27926 XSS pada Zimbra Collaboration Suite (ZCS)
- Apache HTTP Server Path Traversal & Remote Code Execution (RCE) Kepolisian Negara Republik Indonesia
- GeoServer SQL Injection (CVE-2023–25157 & CVE-2023–25158)
- Kernels: Understanding the Heart of Operating Systems & Understanding Kernel Exploitation
- SSRF to RCE with Jolokia and MBeans
- Arbitrary Code Execution Toyota — Oracle Forms and Reports
- ⭐ U.S. Dept Of Defense - 2019
- ⭐ IBM - 2019
- ⭐ Grab - 2022
- ⭐ Stanford University - 2022
- ⭐ Wells Fargo - 2019
- ⭐ Brave Software - 2020
- ⭐ Starling Bank Limited - 2019 * try saying that ten times fast!
- 📧 Email: github@securityuniverse.id
- 🔗 LinkedIn: linkedin.com/in/t-andri-research
- 📷 Instagram: instagram.com/research