VSCode Security Cover Image

VS Code Security: Looking at the IDE from Security Lens

While perusing StackOverflow's 2023 Developer Survey (yes, we developers have our own version of celebrity gossip), I couldn’t help but notice that our trusty VSCode is still riding high as the undisputed IDE champ. With a whopping 73% of the developer vote, it’s safe to say that VSCode has firmly planted its flag. But, like any superstar, it’s not immune to the spotlight’s glare, especially when it comes to security. And in this blog, we’ll explore the security aspects that every VSCode user should consider....

September 14, 2023 · 6 min · Kumar Ashwin
Rubber Ducky Cover

My Experiments with Raspberry Pi Pico - Poor Man's Rubber Ducky

Mr. Robot Season 2 Episode 9 - “Rubber Duckie, You’re The One” - I was fascinated by this piece of technology when I first saw it many years ago. Then I looked it up on the internet to learn more about it, and it turned out to be HID, or Human Interface Device. It basically imitates users and executes code or performs actions in their place. Since the real rubber ducky was out of my budget, I looked for alternatives and discovered that similar behaviour to the rubber ducky can be achieved using a less expensive piece of hardware - the Raspberry Pi Pico (7$)....

February 4, 2023 · 7 min · Kumar Ashwin

Bug Bounty Summit CTF Writeup

The CTF is live on Hacker101 as Grayhatcon CTF – Hacker101 CTF The CTF was built upon real vulnerabilities found during bug bounties. It had four flags – 250 points each. Objective - Hackerone’s Username and Password database has been leaked and put on an auction. Our task was to delete the auction listing before anyone buys it. We were given an IP, which resolved to a web application....

November 2, 2020 · 6 min · Kumar Ashwin
Talk Banner

Hacking Is Not Black & White

This is related to a talk given by me and pre & post-event activities, that were conducted at Developer Circles, Pune and Bengaluru. It all started with DEFCON 2020 Red Team Village CTF, my team and I reached the Top 50 and it was just amazing for all of us. It was an enriching experience, solving challenges from a wide range of categories and learning new stuff in the process. One section of the CTF dealt with Malware Analysis and I was fascinated by this domain of security and have been learning about it....

November 1, 2020 · 5 min · Kumar Ashwin