WHO_I_AMME

// RESEARCH_ARCHIVES

Google Antigravity Exfiltrates Data
Nov 25, 2025

Google Antigravity Exfiltrates Data

An indirect prompt injection in an implementation blog can manipulate Antigravity to invoke a malicious browser subagent in order to steal c

Read more
Don't Kill my Demon - Havoc for Adversary
Dec 28, 2025

Don't Kill my Demon - Havoc for Adversary

Shellcode and Multiple Agents: Combined with Cobalt Strike Malleable C2 Profile Less popular compared to others, but that’s Havoc. "I respec

Read more
Red Teaming Python-based Application with SSTI - Part 4
Dec 21, 2025

Red Teaming Python-based Application with SSTI - Part 4

Server Side Template injection / SSTI with evasion on Python (Flask and Jinja2) based application, whiteBox Pentesting scenario. SSTI Exerci

Read more