Home Latest

Yash Omer

Notes on application security, offensive security, and AI/ML security.

LinkedIn GitHub

🤖 AI Security

  • 2026-07-19 OWASP PwnzzAI Lab 13: Agentic SQL & Routing — what I learned
  • 2026-07-19 OWASP PwnzzAI Lab 12: Misinformation — what I learned
  • 2026-07-17 OWASP PwnzzAI Lab 11: Excessive Agency — what I learned
  • 2026-07-15 OWASP PwnzzAI Lab 10: Sensitive Information Disclosure — what I learned
  • 2026-07-13 OWASP PwnzzAI Lab 9: Unbounded Consumption — what I learned
  • 2026-07-11 OWASP PwnzzAI Lab 8: Promotion Photo — what I learned
  • 2026-07-09 OWASP PwnzzAI Lab 7: Indirect Prompt Injection — what I learned
  • 2026-07-07 OWASP PwnzzAI Lab 6: Direct Prompt Injection — what I learned
  • 2026-07-05 OWASP PwnzzAI Lab 5: Improper Output Handling — what I learned
  • 2026-07-03 OWASP PwnzzAI Lab 4: Supply Chain Vulnerability — what I learned
  • 2026-07-01 OWASP PwnzzAI Lab 3: RAG Poisoning — what I learned
  • 2026-06-29 OWASP PwnzzAI Lab 2: Training Data Poisoning — what I learned
  • 2026-06-27 OWASP PwnzzAI Lab 1: Model Theft — what I learned

📱 Mobile Security

  • 2021-04-11 Android Hidden API Restrictions
  • 2021-03-13 Preventing SSL Pinning Bypass on iOS

🪟 Windows Security

  • 2021-01-31 Ancillary Function Driver [MS11-046]
  • 2021-01-11 Windows Stack Buffer Overflow

🦠 Malware & Reverse Engineering

  • 2021-02-14 Emotet Malware Analysis
  • 2021-01-28 Flare-On Challenge 2 — Garbage
  • 2021-01-26 Flare-On Challenge 1 — Fidler

🔎 Digital Forensics

  • 2021-03-03 Forensic Challenge 03 — Evil's den
  • 2021-02-14 Forensic Challenge 1 — Beginner's Luck
  • 2021-02-14 Forensic Basics Challenge 0