Andy Codes
Blog
❱
Security Research
❱
2024-11-08 - Quack-quack - HID attacks with NetHunter
2024-11-06 - Flashing an OS image to your Android device
2024-08-21 - How to crash a Spacecraft – DoS through Vulnerability in NASA CryptoLib v1.3.0
2024-08-09 - Ground Control to Major Threat: Hacking the Space Link Extension Protocol
2024-07-17 - IDOR's in NCIA ANET v3.4.1
2024-05-21 - Remote Code Execution via Man-in-the-Middle (and more) in NASA's AIT-Core v2.5.2
2024-01-16 - Exploiting the Apache Karaf Console
2024-01-12 - Exploitation of the OSGi console
2023-11-02 - XSS in NASAs Open MCT v3.0.2 - data exfiltration
2023-10-13 - Yamcs Vulnerability Assessment
2023-10-12 - Prototype Pollution in NASAs Open MCT CVE-2023-45282
Personal
❱
2024-09-17 - ChatGPT wrote a Rust program for me that generates an RSS feed from Markdown files
2024-09-16 - Navigating the Leap: My Journey from Software Engineering to Offensive Security
2024-01-17 - Getting a Black Belt in Wi-Fu - OSWP Review
2023-10-19 - My Journey to Finding My First 0day/CVE
2023-08-05 - How I Failed OSWA Exam
2023-01-12 - ADwalk: simple PowerShell script to enumate Active Directory
2022-12-20 - clif: simple command-line application fuzzer
2022-12-12 - nansi: simple tool for task automation
Mid-career Transition to Infosec
❱
0x07 (2023-07-23)
0x06 (2023-03-19)
0x05 (2023-01-16)
0x04 (2022-09-01)
0x03 (2022-08-10)
0x02 (2022-04-27)
0x01 (2022-03-10)
About
Trophies
Tools
Exploits
Light
Rust
Coal
Navy
Ayu
Andy Codes
Exploits I've developped or controbited to
Karaf v4.4.3 Console RCE
[Exploit-DB]
[GitHub]
OSGi v3.8-3.18 Console RCE
[Exploit-DB]
[GitHub]
OSGi v3.7.2 Console RCE
[Exploit-DB]
[GitHub]