A personal site for experiments in cybersecurity, reverse engineering, and whatever breaks along the way.https://elliott.diy/https://elliott.diy/blog/lockbit-tracking/https://elliott.diy/blog/lockbit-tracking/Scanned 62k Bitcoin addresses from the LockBit ransomware leak to see which wallets were funded. Here’s what I found.Mon, 05 May 2025 00:00:00 GMThttps://elliott.diy/blog/curseforge/https://elliott.diy/blog/curseforge/An unauthenticated local WebSocket server in the CurseForge launcher allowed any website to trigger remote code execution via attacker-controlled JVM arguments.Tue, 23 Dec 2025 00:00:00 GMThttps://elliott.diy/blog/supershy/https://elliott.diy/blog/supershy/How I found a RCE vulnerability in a privacy VPN.Sun, 06 Jul 2025 00:00:00 GMT