Code Before Breach

🔥 A Mind That Dissects Systems

Endpoint Evasion Techniques (2020–2025): The Evolution of Attacks Bypassing EDR

This post analyzes the evolution of endpoint evasion techniques from 2020 to 2025. It covers BYOI, BYOVD, DLL hijacking, service tampering, and other sophisticated methods attackers use to bypass EDR and AV. Real-world ransomware cases and vendor impact are discussed, along with defensive insights.

SPOF in Cybersecurity: From History to Strategy, a Graph-Based Analysis

Analyzing the threat of Single Points of Failure (SPOF) through historical examples and graph theory, this piece presents a strategic approach to identifying and mitigating structural weaknesses in cybersecurity infrastructures.

Detection Frameworks and Latest Methodologies for eBPF-Based Backdoors

This article analyzes the rise of backdoors and rootkits exploiting eBPF, the detection challenges they pose, and comprehensively summarizes the latest countermeasures and research trends (2023–2025), including Tracee, LKRG, bpftool, and hypervisor-based auditing.

In-Depth Report on Telecommunication Security: SKT Breach and Global Case Studies

An in-depth analysis focusing on the 2025 SKT breach, the core security structures of telecom infrastructure, and historical global incidents (Gemalto, APT10, Circles). Also covers subscriber authentication (Ki, SUPI/SUCI) and security differences between 5G SA and NSA.

🔥 Trust and Culture Beyond Technology

Is Your Data in the Cat's Paws?

The 2025 KakaoPay case exposed the limits of formal consent and self-regulation. Data democracy must be achieved through AI-based DPIA verification and civic oversight.

There’s No Such Thing as a Free Lunch, But Security Was Free

The global security community has depended on CVE for decades without ever paying a dime. As the system nears collapse, it’s time to ask who should bear the cost of public cybersecurity infrastructure.

Common Security Myths Developers Tell Themselves

This article breaks down common developer security myths—responsibility deflection, overconfidence in technology, and security underestimation—and offers realistic countermeasures.

Common Misconceptions of Security Assessors

As the cybersecurity landscape constantly evolves, vulnerability assessment has become a critical defense against potential security breaches. However, due to common misconceptions, the effectiveness of these evaluations often diminishes. In this article, we will explore the common misconceptions about security vulnerability assessments and suggest effective strategies to overcome these issues, ultimately supporting the improvement of organizational security levels.

🔥 Code That Fixes, Not Just Runs

How I Managed Unmaintained Open Source with Gmail and Snyk Alerts

When API access falls short, automation through Gmail and Apps Script becomes essential. Here’s how I used Google Apps Script to collect Snyk vulnerability alerts and patch data automatically.

How to Block ECH and Mitigate DoH in Enterprise Networks

A hands-on guide using dnsmasq to filter SVCB and HTTPS records for disabling ECH and enforcing central DNS policies. Notes that DoH requires separate network-layer policies.

Bypassing citrix policy is not a vulnerability, but it can be a violation of the law

Bypassing Citrix Policy is Not a Vulnerability but a Legal Violation Note!! Based on discussions with Citrix through VINCE from cert.org, it was concluded that this is not classified as a vulnerability because it requires administrative privileges. Therefore, I can share this information without security concerns. However, for security reasons, I do not recommend using Xendesktop (VDI) in special environments such as logically isolated or closed networks. If VDI must be used in such environments, please ensure that administrator privileges are removed and security-specific software is installed. ...

Strengthening cybersecurity through government ngos and bug bounty programs

Strengthening Cybersecurity Through Government NGOs and Bug Bounty Programs: A Look at Security Taxes and Their Implementation in Various Countries In today’s digital age, information security has become a critical concern for individuals, businesses, and governments alike. Cyber attacks and data breaches have become increasingly common and sophisticated, and the consequences can be devastating. This is why it is essential to have robust cybersecurity measures in place to protect against these threats. ...

Security threats and mitigation strategies for java reflection

Security Threats and Mitigation Strategies for Java Reflection The Java Reflection API is a powerful tool that allows dynamic manipulation of classes, methods, and interfaces at runtime. However, due to its flexibility, it introduces significant security risks, as attackers can exploit it to gain unauthorized access to systems. In this article, we will explore the security threats posed by Java Reflection and outline strategies to mitigate these risks. The Risks of Using Reflection API Reflection is commonly used to inspect the structure of objects or dynamically invoke methods at runtime. However, without a proper Security Manager, sensitive methods (like execute, eval, etc.) can be accessed, leading to potential Remote Code Execution (RCE) attacks. ...

About the XSSAudit

Why Was the XSSAudit Feature Removed in Chrome? The Google Security Team proposed to the Chrome development team to remove the XSSAudit feature. Although the only rationale provided was that the feature could be bypassed (as argued in a paper by evn@google.com), it initially seemed unlikely that removal would proceed. However, it was ultimately decided that the feature would be completely eliminated in Chrome. The main point of the paper is that bypass methods using targets within new JavaScript frameworks are difficult to defend against. Therefore, it proposes a shift from the existing mitigation approach (the xssaudit filter) to an isolation/prevention method, namely Content Security Policy (CSP). ...