Offensive Security Research
Exploit development, reversing & vulnerability research.
The research space of Jihwan yoon (blackcon), digging into AI/LLM infrastructure and the virtualization stack. See the index below for the latest work.
Featured research
- 01 Three trust prompt bypasses in Claude Code: the HackerOne report and its "intended behavior" closure Three independent ways to bypass Claude Code's trust prompt for silent shell execution from a cloned repo — and why Anthropic c...
- 02 Jinja2 SSTI vulnerability found in LiteLLM: a Pwn2Own 2026 entry attempt and silent fix analysis A single unauthenticated request reached uid=0 on the LiteLLM proxy via Jinja2 SSTI — a critical RCE silently patched days befo...
- 03 MCP security vulnerability, Advanced-Tool-Poison-Attack Advanced Tool Poisoning hides malicious instructions in MCP tool outputs rather than descriptions, defeating defenses that only...
- 04 MCP security vulnerability, Tool-Poison-Attack How Tool Poisoning hides malicious instructions inside MCP tool descriptions to manipulate the LLM that consumes them.
- 05 HVFUZZ A Hyper-V hypercall fuzzer built on hAFL2 for hunting bugs in the Microsoft virtualization stack.