Lachlan Davidson
Home CVEs & Disclosures Blog About

Bypassing Brute-Force Protections with LOTS of GraphQL

Authored by Lachlan Davidson

An exploration of making huge GraphQL requests to bypass brute-force restrictions.

Awesome GraphQL CSRF and SSRF

Authored by Lachlan Davidson

Exploiting poor GraphQL validation for epic CSRF and SSRF impacts.

Mounting GlusterFS with a Docker Container in Flatcar Linux/CoreOS

Authored by Lachlan Davidson

When building a Docker Swarm cluster in my homelab using Flatcar Linux, I found myself needing to mount a remote GlusterFS volume.

X Marks the Spot - Secrets in Source Maps

Authored by Lachlan Davidson

Reverse engineering front-end code and finding secrets in JavaScript source maps.

Configuring Rocky Linux, FreeIPA and Samba for Kerberos Support on Windows Clients

Authored by Lachlan Davidson

An adventure in using Rocky Linux, FreeIPA and Samba for identity management, kerberos auth and more for my homelab.