Chocapikk
Security Researcher & Exploit Developer
Breaking, building, and documenting. Vulnerability research, exploit development, and offensive security.
Latest
CeWL Is Dead. Here's What Replaces It.
CeWL has been the default wordlist generator for 10 years. CeWL AI crawls HTTP, FTP, SFTP, SMB, and S3 targets, feeds context to an LLM, scans for secrets with 800+ trufflehog detectors, and dumps files - all from one binary.
Read more →Recent
all →Xboard / V2Board: Magic Link Token Leak - Unauthenticated Account Takeover
The loginWithMailLink endpoint in Xboard and V2Board returns the magic login link in the HTTP response body, allowing unauthenticated attackers to take over any account - including admin.
Dumping PostgreSQL Without Credentials: Heap File Parsing for Offensive Security
A technique for extracting PostgreSQL data through arbitrary file read vulnerabilities - without credentials, without SQL access, without knowing the schema. Full auto-discovery via system catalogs.
Windfall: From Path Traversal to RCE in Nextcloud Flow & Windmill
Critical vulnerabilities in Windmill: unauthenticated path traversal leading to RCE, plus an authenticated SQL injection enabling full privilege escalation (operator → super admin → root RCE). Affects standalone Windmill and Nextcloud Flow.
From Zero to Exploit Dev: What Actually Worked
How I went from knowing nothing about computers in 2020 to writing exploits. No magic, no shortcuts, just the process.
How I Added PTY Support to Busybox Shells (When Everyone Said It Was Impossible)
Every shell handler fails on busybox/Alpine. No script, no python, no PTY. I fixed it with 80 lines of C and a base64 upload.
Reverse Engineering the ITE 8910 Keyboard RGB Protocol for OpenRGB
How I reverse-engineered the complete USB HID protocol of the ITE 8910 keyboard controller from a Windows DLL and .NET executable, and contributed per-key RGB support with 14 modes to OpenRGB - the first implementation for this chip on Linux.
NEVER GONNA
GIVE YOU UP
You were warned.