Offensive
security
research

By Jihwan yoon (blackcon) — exploit development, reversing, and vulnerability research on AI systems, hypervisors, and the things people trust. Recent work includes a critical LiteLLM RCE (silently patched before a planned Pwn2Own 2026 entry) and a Claude Code trust-model analysis disclosed through HackerOne.

Focus: AI / LLM Security Hypervisors Reversing Research

Featured research

Research · AI-Security May 12, 2026
Claude Code의 trust prompt 우회 3종 — HackerOne 제보와 "intended behavior" 종결
Three independent ways to bypass Claude Code's trust prompt for silent shell execution from a cloned repo — and why Anthropic closed all three as intended be...
Research · AI-Security May 3, 2026
LiteLLM에서 발견한 Jinja2 SSTI 취약점 — Pwn2Own 2026 출전 시도와 silent fix 분석
A single unauthenticated request reached uid=0 on the LiteLLM proxy via Jinja2 SSTI — a critical RCE silently patched days before a planned Pwn2Own Berlin 20...
Research · MCP Apr 10, 2025
MCP 보안 취약점, Advanced-Tool-Poison-Attack
Advanced Tool Poisoning hides malicious instructions in MCP tool outputs rather than descriptions, defeating defenses that only inspect tool metadata.
Research · Hyper-v Mar 29, 2022
HVFUZZ
A Hyper-V hypercall fuzzer built on hAFL2 for hunting bugs in the Microsoft virtualization stack.

Latest

Research · MCP Apr 10, 2025
MCP 보안 취약점, Tool-Poison-Attack
Hacking · Reversing Mar 31, 2025
CTF 문제로 알아보는 ESP32 리버싱
Hacking · Theory Dec 21, 2024
ROP (Return Oriented Programming) 란?
Tools · Sanitizer Sep 21, 2023
C와 C++ 코드에서 메모리 오류를 감지하는 도구 | Address Sanitizer
Tools · gdb Sep 19, 2023
퍼너블/리버싱을 위한 도구 설치 방법 | gdb-peda 설치 가이드
Tools · Miniconda Sep 18, 2023
Miniconda 설치 및 사용법

View all writing →

Trending Tags

Hacking System hacking AI hacking research basic disclosure programming python aptos

Trending Tags

Hacking System hacking AI hacking research basic disclosure programming python aptos

A new version of content is available.

Offensivesecurityresearch

Featured research

Latest

Offensive
security
research