just another security-related blog.
Hey, I’m Igris — a security engineer who likes taking things apart to understand how they break.
This blog is my field notebook: deep dives into Linux and kernel internals, hardware security, reverse engineering and malware development, and lately the messy, fascinating frontier where AI meets offensive and defensive security.
Expect hands-on write-ups, paper breakdowns, and the occasional rabbit hole — written to make hard problems a little more approachable (and to remind me what I learned along the way). Whether you’re a fellow practitioner, a curious beginner, or just here to watch something get rooted, pull up a chair.
Let’s explore, break, and build.
Recent blogs,
-
PACMAN: Breaking ARM Pointer Authentication with Speculative Execution
ARM Pointer Authentication was designed around a simple and elegant principle: if an attacker corrupts a protected pointer, the program crashes. No crash suppression, no oracle, no way...
-
SoK: Bootloader Security Is Worse Than You Think
Bootloaders sit at the most privileged layer of any system. They run before the OS, before virtual memory is initialized, before most exploit mitigations exist as a concept....
-
AI Red Teaming in the Agentic Era: From Weeks to Hours
Here’s a question nobody asks out loud at AI security conferences: of the time you spent on your last red team engagement, how much of it was actually...
-
The End of Online Anonymity? How LLMs Are Cracking the Code of Practical Obscurity
For decades, internet users have relied on a comforting shield known as “practical obscurity.” The idea is simple: while you could theoretically be identified by your zip code,...
-
Can a 7B Model Beat GPT-o3 at Finding Bugs? Meet VulnLLM-R
In the world of cybersecurity, finding vulnerabilities is like finding a needle in a haystack. Traditionally, we relied on static analysis tools (like CodeQL) which are fast but...