Chocapikk
Security Researcher & Exploit Developer
Breaking, building, and documenting. Vulnerability research, exploit development, and offensive security.
Latest
How to Start Contributing to Metasploit: Field Notes from 68 Modules
68 modules in 2.5 years. Here's what the official docs don't tell you about writing Metasploit modules - from finding targets to surviving code review.
Read more →Recent
all →Your .swp Files Are Telling on You: A Git Forensics Guide
Swap files from Vim and nano can leak usernames, hostnames, and sensitive data in git repos. Even after deletion, the blob stays in git history forever. Here's how to find them and how to actually clean them.
CeWL Is Dead. Here's What Replaces It.
CeWL has been the default wordlist generator for 10 years. CeWL AI crawls HTTP, FTP, SFTP, SMB, and S3 targets, feeds context to an LLM, scans for secrets with 800+ trufflehog detectors, and dumps files - all from one binary.
Xboard / V2Board: Magic Link Token Leak - Unauthenticated Account Takeover
The loginWithMailLink endpoint in Xboard and V2Board returns the magic login link in the HTTP response body, allowing unauthenticated attackers to take over any account - including admin.
Dumping PostgreSQL Without Credentials: Heap File Parsing for Offensive Security
A technique for extracting PostgreSQL data through arbitrary file read vulnerabilities - without credentials, without SQL access, without knowing the schema. Full auto-discovery via system catalogs.
Windfall: From Path Traversal to RCE in Nextcloud Flow & Windmill
Critical vulnerabilities in Windmill: unauthenticated path traversal leading to RCE, plus an authenticated SQL injection enabling full privilege escalation (operator → super admin → root RCE). Affects standalone Windmill and Nextcloud Flow.
From Zero to Exploit Dev: What Actually Worked
How I went from knowing nothing about computers in 2020 to writing exploits. No magic, no shortcuts, just the process.
NEVER GONNA
GIVE YOU UP
You were warned.