RagSec

IOT & ICS/SCADA Security Researcher | Co-Host of Cyber.Phunk | Social Engineer

People Ive Worked With

Aviation ISAC

I worked with Aviation ISAC on the AirFASE Disclosures and they were a pleasure to work with and a great help in the remediation of the issues with AirFASEI worked with Aviation ISAC on the AirFASE Disclosures and they were a pleasure to work with and a great help in the remediation of the issues with AirFASE

Lantronix

I reported a previously disclosed vulnerability regarding their devices leaking the telnet passwords along with advice on how to solve this. They took the advice onboard and thanked me for the work and advice.I reported a previously disclosed vulnerability regarding their devices leaking the telnet passwords along with advice on how to solve this. They took the advice onboard and thanked me for the work and advice.

Discord

I worked with Discord regarding a disclosure for an exploit myself and Styx developed using URI’s to pop reverse TCP shells. However, Discord classed this concept as a Social Engineering attack and thus was not covered in their blog postI worked with Discord regarding a disclosure for an exploit myself and Styx developed using URI’s to pop reverse TCP shells. However, Discord classed this concept as a Social Engineering attack and thus was not covered in their blog post

KCOM

Thanked for numerous XSS and exposure disclosuresThanked for numerous XSS and exposure disclosures

Latest Blog Posts

Using URI to pop shells via the Discord Client

Introduction Myself and a fellow researcher: Styx were the leads on this research and we were backed up by CyberSecStu, and 5w0rdFish from The Many Hats Club. We discovered a[…]

Read more

Global Aviation Cyber Security Issue – AirFASE Write Up

A small group of security researchers formed of Kizzzzurt (@Infosec_Pom), CyberSecStu (@CyberSecStu) and myself discovered 32 AirFASE devices connected to the public internet via port 8080 over HTTP. The initial[…]

Read more