fillsexploit

Control Systems Engineer @ UniPD

Web APIs and Vulnerability Research

Recent Security Research

2 Marzo 2026 • Guide • OpenWrt

OpenWrt sul TP-Link VX830v: guida completa al porting

Ho portato OpenWrt su un router TP-Link VX830v (firmware Wind Tre). WiFi 2.4/5 GHz, LAN 2.5 GbE, SFP GPON. Guida al porting.

11 Febbraio 2026 • Guide • Networking

Sblocco EasyMesh "Agent" - Zyxel DX5401 (WindTre)

Guida per sbloccare la modalità Agent nascosta nel firmware del modem Zyxel DX5401 fornito da WindTre. Configurazione completa di una rete MPro Mesh con backhaul ethernet.

30 October 2025 • Fixed • Business Impact

Kena Mobile Winback Bypass

Client-side validation bypass on Kena Mobile's winback campaign allowing unrestricted access to promotional offers.

VIEW ALL POSTS →

About This Site

This site documents security research findings, vulnerability disclosures, and responsible security practices. All testing is performed ethically with proper authorization.

FOCUS AREAS:

Web API security and exploitation
Client-side validation bypasses
Business logic vulnerabilities
Responsible disclosure practices