Skip to content

Whoami – Mrvar0x

A Red Teamer and Security Researcher.

Sharing knowledge and achievements. I’m open for any feedback, feel free to contact me at anytime.

Notable Achievements

CVE-2022-44284
CVE-2022-44283
CVE-2022-30055
CVE-2022-28480
CVE-2022-28994
CVE-2021-46368
CVE-2022-37771
CVE-2021-45856
CVE-2021-45334
CVE-2021-44429
CVE-2021-44428
CVE-2022-36670
CVE-2022-1068
CVE-2022-31371
CVE-2023-29785
CVE-2023-29786

Local Exploits

Unquoted Service Path & DLL Hijacking on Worktime 10.20
Nextar C472 Point-of-Sale (POS) DLL Hijacking
Xlight FTP Server 3.9.3.1 – Local Buffer Overflow
AbsoluteTelnet 11.24 Phone/Username Local Buffer Overflow
Real Time Automation 460MCBS 5.2.14 Cross Site Scripting

Publications

Author of Book (Learn Penetration Testing with Python3.X)
Speaker at many international conferences
Hall of Fame of many websites
There is a lot more you can view my LinkedIn
Github

Hacking is to Know the Unknown - & Break Boundaries Guided by Curiosity