Ivan Spiridonov
Offensive Security Consultant

Specialized in discovering and exploiting security vulnerabilities in web applications, networks, and infrastructure to help organizations improve their security posture.

Read My BlogView My CVEs
terminal — xbz0n@sh:~#

Expertise

Web Application Security

Identifying and exploiting vulnerabilities in web applications to prevent potential security breaches.

Exploit Development

Creating proof-of-concept exploits for discovered vulnerabilities and developing custom security tools for specialized testing scenarios.

Security Research

Discovering and responsibly disclosing vulnerabilities in software and systems with published CVEs.

Latest Research

View all posts →
OSINTCTIAI SecurityJailbreakCustom GPTCult IntelligenceFeb 12, 2026

Extracting a Dead Cult Leader's AI Mind

In February 2026, six people died across two crime scenes in Bulgaria's western mountains — three in what authorities described as a group suicide, and three more in what prosecutors called two mur...

Read full analysis →
Post-ExploitationWindowsRed TeamPowerShellLOLBinsLateral MovementOffensive SecurityNov 28, 2025

Living Off the Land: Windows Post-Exploitation Without Tools

I'll never forget one of my first red team engagements where I learned this lesson the hard way. I'd spent two days carefully phishing my way into a financial services company, finally landing a sh...

Read full analysis →
Vulnerability ResearchPrivilege EscalationCVEOpenMediaVaultNewline InjectionAug 24, 2025

Finding and Exploiting CVE-2025-50674 in OpenMediaVault

Recently, I discovered a critical vulnerability in OpenMediaVault, a popular open-source network-attached storage solution. The vulnerability (published as [CVE-2025-50674](https://nvd.nist.gov/vul...

Read full analysis →