Practical security research & bug hunting Link to heading
Nullsight is a working space for independent security research – focusing on finding, understanding, and documenting real vulnerabilities across software, hardware, and networks.
It’s where I publish clear, reproducible findings from ongoing work in web and API security, embedded systems, firmware analysis, and network protocol research. The emphasis is always on methodology over spectable – step-by-step process, clean proof-of-concepts, and takeaways other researchers or vendors can reuse.
Focus Areas Link to heading
- Web & API Security - Authentication, access control, logic flaws and injection issues.
- Firmware & Embedded Analysis - extraction, reverse engineering, configuration and secret discovery
- Network & Protocol Research - M-Bus, Modbus, Zigbee, BLE, Wi-Fi; passive and active testing in controlled environments.
- Tooling - Small, reliable utilities for recon, parsing and fuzzing written in Python, Rust or maybe Assembly for fun.
Philosophy Link to heading
- Operate within scope - only authorised targets or owned devices.
- Build your own lab - Repeatable environments teach more than theory.
- Share responsibly - Disclosure before publicity, clarity over drama
Projects & Posts Link to heading
Most activity lives under:
- Research – Detailed write-ups and case studies
- Tools – Open utilities and scripts
- Lab Notes – Shorter, ongoing experiments