NotFoundSec
@malwarerob.bsky.social
I'm an independent malware researcher and osinter
I created a simple Arduino-based traffic light simulation — but what started as a learning project turned into a realization: many legacy systems are fragile, unprotected, and vulnerable to exploitation.
read here: www.notfoundsec.com/traffic-ligh...
read here: www.notfoundsec.com/traffic-ligh...
October 6, 2025 at 3:19 AM
I created a simple Arduino-based traffic light simulation — but what started as a learning project turned into a realization: many legacy systems are fragile, unprotected, and vulnerable to exploitation.
read here: www.notfoundsec.com/traffic-ligh...
read here: www.notfoundsec.com/traffic-ligh...
I modified a simple LED Arduino project into a malicious firmware that blinks "HACKED" in Morse code.
This side channel attack reflects real-world LED exfiltration research
read more here: www.notfoundsec.com/blink-to-bac...
#cybersecurity #iot #iotsecurity #arduino #firmware #signalintel
This side channel attack reflects real-world LED exfiltration research
read more here: www.notfoundsec.com/blink-to-bac...
#cybersecurity #iot #iotsecurity #arduino #firmware #signalintel
September 18, 2025 at 1:11 AM
I modified a simple LED Arduino project into a malicious firmware that blinks "HACKED" in Morse code.
This side channel attack reflects real-world LED exfiltration research
read more here: www.notfoundsec.com/blink-to-bac...
#cybersecurity #iot #iotsecurity #arduino #firmware #signalintel
This side channel attack reflects real-world LED exfiltration research
read more here: www.notfoundsec.com/blink-to-bac...
#cybersecurity #iot #iotsecurity #arduino #firmware #signalintel
Many OSINT workflows ignore non-English sources — and that’s a huge blind spot.
I wrote a mini-course to help break that barrier using tools, techniques, and survival tips for multilingual investigations.
📝 www.notfoundsec.com/breaking-the...
I wrote a mini-course to help break that barrier using tools, techniques, and survival tips for multilingual investigations.
📝 www.notfoundsec.com/breaking-the...
Breaking the Language Barrier in OSINT – Yeti’s Translation Survival Guide
Hey snow trackers — Yeti here. 🐾 Ever felt like an international investigator stuck in a one-language igloo? Yeah, we’ve all been there. Information’s out there in the wild, but sometimes it’s…
www.notfoundsec.com
September 11, 2025 at 8:06 AM
Many OSINT workflows ignore non-English sources — and that’s a huge blind spot.
I wrote a mini-course to help break that barrier using tools, techniques, and survival tips for multilingual investigations.
📝 www.notfoundsec.com/breaking-the...
I wrote a mini-course to help break that barrier using tools, techniques, and survival tips for multilingual investigations.
📝 www.notfoundsec.com/breaking-the...
❄️ Just published a breakdown on Sliver C2 and beaconing
What Sliver is and why it's used
How beaconing works
How attackers stay hidden
How defenders can spot & block it
Includes a full walkthrough and mitigation tips.
📝 www.notfoundsec.com/sliver-c2-an...
#cybersecurity
What Sliver is and why it's used
How beaconing works
How attackers stay hidden
How defenders can spot & block it
Includes a full walkthrough and mitigation tips.
📝 www.notfoundsec.com/sliver-c2-an...
#cybersecurity
Sliver C2 and Beaconing
❄️ Disclaimer: This post is for educational and awareness purposes only. Don’t be a snow troll — use this knowledge responsibly, in labs and learning environments only. What is Sliver? Sliver is a…
www.notfoundsec.com
September 10, 2025 at 3:36 AM
❄️ Just published a breakdown on Sliver C2 and beaconing
What Sliver is and why it's used
How beaconing works
How attackers stay hidden
How defenders can spot & block it
Includes a full walkthrough and mitigation tips.
📝 www.notfoundsec.com/sliver-c2-an...
#cybersecurity
What Sliver is and why it's used
How beaconing works
How attackers stay hidden
How defenders can spot & block it
Includes a full walkthrough and mitigation tips.
📝 www.notfoundsec.com/sliver-c2-an...
#cybersecurity
Just published a walkthrough on XOR — simple, reversible, and loved by malware devs.
What XOR is
How malware uses it to obfuscate
Go demo that locks/unlocks files
📝 www.notfoundsec.com/xor-in-go-lo...
What XOR is
How malware uses it to obfuscate
Go demo that locks/unlocks files
📝 www.notfoundsec.com/xor-in-go-lo...
XOR in Go – Locking, Unlocking, and Malware Mischief
Hey snowpack! Yeti’s back stomping through the icebox with another coding project. Today, we’re tackling a deceptively simple but powerful concept: XOR (exclusive OR) — the snow shovel of…
www.notfoundsec.com
August 27, 2025 at 12:11 AM
Just published a walkthrough on XOR — simple, reversible, and loved by malware devs.
What XOR is
How malware uses it to obfuscate
Go demo that locks/unlocks files
📝 www.notfoundsec.com/xor-in-go-lo...
What XOR is
How malware uses it to obfuscate
Go demo that locks/unlocks files
📝 www.notfoundsec.com/xor-in-go-lo...
I just got interviewed by @italki about my journey as a Technology Teacher!
I teach not just English, but also hands-on tech concepts like dev & cybersecurity
I am thankful for all the support1 — excited to keep building the bridge between tech + communication
I teach not just English, but also hands-on tech concepts like dev & cybersecurity
I am thankful for all the support1 — excited to keep building the bridge between tech + communication
August 20, 2025 at 3:54 AM
I just got interviewed by @italki about my journey as a Technology Teacher!
I teach not just English, but also hands-on tech concepts like dev & cybersecurity
I am thankful for all the support1 — excited to keep building the bridge between tech + communication
I teach not just English, but also hands-on tech concepts like dev & cybersecurity
I am thankful for all the support1 — excited to keep building the bridge between tech + communication
Hey everyone! I made my first mini course about Geospatial Intelligence and how it can be used for anyone!
If you want to check it out and see how you can use it check out my post!
www.notfoundsec.com/how-to-find-...
Thank you and Enjoy
If you want to check it out and see how you can use it check out my post!
www.notfoundsec.com/how-to-find-...
Thank you and Enjoy
How to Find a location from a single photo
Course Objectives By the end of this module, you will be able to: * Define Geospatial Intelligence (GEOINT). * Identify visual clues in an image to aid geolocation. * Use reverse image search,…
www.notfoundsec.com
August 15, 2025 at 8:08 AM
Hey everyone! I made my first mini course about Geospatial Intelligence and how it can be used for anyone!
If you want to check it out and see how you can use it check out my post!
www.notfoundsec.com/how-to-find-...
Thank you and Enjoy
If you want to check it out and see how you can use it check out my post!
www.notfoundsec.com/how-to-find-...
Thank you and Enjoy
Recently, I became an OSINT Trainer for @tracelabs.bsky.social
So I have the opportunity to increase my technical teaching and help a great cause. Im excited to see how I will grow as an educator
So I have the opportunity to increase my technical teaching and help a great cause. Im excited to see how I will grow as an educator
August 12, 2025 at 2:00 PM
Recently, I became an OSINT Trainer for @tracelabs.bsky.social
So I have the opportunity to increase my technical teaching and help a great cause. Im excited to see how I will grow as an educator
So I have the opportunity to increase my technical teaching and help a great cause. Im excited to see how I will grow as an educator
Just wrapped up a walkthrough on exploiting Directory Traversal in PortSwigger Academy.
I break down the attack flow, impact, and common misconfigurations that make it possible.
Read here:
www.notfoundsec.com/directory-tr...
I break down the attack flow, impact, and common misconfigurations that make it possible.
Read here:
www.notfoundsec.com/directory-tr...
🗂️ Directory Traversal in Web Apps
🥶 A Chilling Walkthrough with Your Favorite Frostbitten Friend – Yeti Hey everyone — Yeti is back, cold claws on the keyboard and ready to climb some paths we were never meant to touch. Today’s icy…
www.notfoundsec.com
August 4, 2025 at 1:08 PM
Just wrapped up a walkthrough on exploiting Directory Traversal in PortSwigger Academy.
I break down the attack flow, impact, and common misconfigurations that make it possible.
Read here:
www.notfoundsec.com/directory-tr...
I break down the attack flow, impact, and common misconfigurations that make it possible.
Read here:
www.notfoundsec.com/directory-tr...
New blog post up:
Exploiting CSRF with No Defenses (PortSwigger Lab Walkthrough)
If you're brushing up on CSRF techniques or learning web app security, this write-up walks through the full exploitation flow and key lessons from the lab.
www.notfoundsec.com/exploiting-c...
Exploiting CSRF with No Defenses (PortSwigger Lab Walkthrough)
If you're brushing up on CSRF techniques or learning web app security, this write-up walks through the full exploitation flow and key lessons from the lab.
www.notfoundsec.com/exploiting-c...
🕷️ Exploiting CSRF with No Defenses – PortSwigger Lab Walkthrough
❄️ Yeti’s back, sharpened claws ready, and today we’re hijacking trust itself — one forged request at a time. We’re taking on a classic yet devastating vulnerability from the PortSwigger Web Security…
www.notfoundsec.com
August 3, 2025 at 10:46 AM
New blog post up:
Exploiting CSRF with No Defenses (PortSwigger Lab Walkthrough)
If you're brushing up on CSRF techniques or learning web app security, this write-up walks through the full exploitation flow and key lessons from the lab.
www.notfoundsec.com/exploiting-c...
Exploiting CSRF with No Defenses (PortSwigger Lab Walkthrough)
If you're brushing up on CSRF techniques or learning web app security, this write-up walks through the full exploitation flow and key lessons from the lab.
www.notfoundsec.com/exploiting-c...
Just published a write-up on directory enumeration using ffuf against OWASP Juice Shop.
I walk through the recon process, how to spot hidden endpoints, and the risks of forgotten directories in production.
www.notfoundsec.com/directory-bu...
I walk through the recon process, how to spot hidden endpoints, and the risks of forgotten directories in production.
www.notfoundsec.com/directory-bu...
🧊 Directory Busting in OWASP Juice Shop with FFUF: Yeti Digs Deep
Heyo snowpackers — Yeti here, fresh off the slopes and armed with a fuzz cannon. Today, we’re smashing down snow-covered doors in the world of directory busting — one of the oldest recon tactics that…
www.notfoundsec.com
August 2, 2025 at 12:19 PM
Just published a write-up on directory enumeration using ffuf against OWASP Juice Shop.
I walk through the recon process, how to spot hidden endpoints, and the risks of forgotten directories in production.
www.notfoundsec.com/directory-bu...
I walk through the recon process, how to spot hidden endpoints, and the risks of forgotten directories in production.
www.notfoundsec.com/directory-bu...
Looks like important web pages are being disrupted.
People should familiarize themselves with the wayback machine and find archived data on the internet.
web.archive.org
People should familiarize themselves with the wayback machine and find archived data on the internet.
web.archive.org
Wayback MachineHamburger iconInternet Archive logoWeb iconTexts iconVideo iconAudio iconSoftware iconImages iconDonate iconEllipses iconDonate iconUser iconUpload iconSearch iconSearch iconSearch icon...
web.archive.org
February 1, 2025 at 4:25 AM
Looks like important web pages are being disrupted.
People should familiarize themselves with the wayback machine and find archived data on the internet.
web.archive.org
People should familiarize themselves with the wayback machine and find archived data on the internet.
web.archive.org
Currently learning C for malware development and malware analysis. This language definitely is no joke! It's hard but i love it!
December 19, 2024 at 1:07 AM
Currently learning C for malware development and malware analysis. This language definitely is no joke! It's hard but i love it!
I think research has become a new addiction because I want to understand how things work
December 15, 2024 at 8:31 AM
I think research has become a new addiction because I want to understand how things work
Reposted by NotFoundSec
Whenever I have to review c#
December 12, 2024 at 10:27 PM
Whenever I have to review c#