GuptaLog
(Move to ...)
Home
▼
Sunday, 24 May 2026
I built a scanner that found 41 live AWS keys in 900 Terraform state files
›
I built a scanner that guesses S3 bucket names and looks for .tfstate files. Terraform state is a JSON file that happens to contain all you...
Wednesday, 20 May 2026
I poisoned a Hugging Face dataset and it stayed up for 6 months
›
I uploaded a “fine-tuning dataset” to Hugging Face with 1,000 rows of clean code and 50 rows of backdoored examples. The backdoor: any funct...
Monday, 18 May 2026
I reproduced a Claude Code RCE. The bug is everywhere.
›
Last week, security researcher Joernchen published a clever RCE in Claude Code 2.1.118 . I spent Saturday reproducing it from the advis...
2 comments:
Friday, 10 April 2026
I bypassed AWS API Gateway auth with a trailing slash. Got $12K bounty.
›
(See original article: I bypassed AWS API Gateway auth with a trailing slash. Got $12K bounty. ) I was poking at a fintech’s mobile API an...
3 comments:
‹
Home
View web version
%20(1)%20(1).png)
.jpg)
%20(1).png)