lowercasenumbers.xyz
Security research, penetration testing insights, and CTF writeups
About
hey, i'm lowercasenumbers. yes, i know numbers can't be lowercase, but here we are anyway.
I break things for a living—mostly web apps, networks, often my own PC, and recently my foot (long story). This site is where I dump technical write-ups, showcase projects that made it past the proof of concept code that was thrown together in a hurry, and occasionally blog about security things that are interesting enough to pull me away from my terminal.
Recent Posts
View all posts →React2Shell: When Nation-State Hackers Move at Internet Speed
Within hours of disclosure, CVE-2025-55182 became the newest weapon in China and Iran's cyber arsenal
Dec 13, 2025
I Built a CSR Parser in Python (That OpenSSL Already Does Better)
The story of spending hours learning to decode CSRs, building a tool, only to discover a one-liner that makes it completely obsolete
Nov 19, 2025
Essential Cybersecurity Resources for Early Career Professionals
A curated collection of platforms, courses, and content to accelerate your cybersecurity learning journey
Nov 9, 2025
Ivanti Vulnerability Updates
It can get worse, and it will
Feb 16, 2024
Proving Grounds Astronaut Write Up
A warmup ProvingGrounds Practice machine with straightforward exploitation and privilege escalation
Nov 14, 2023
HTB Beep Write Up
HackTheBox machine with multiple exploitation paths including LFI and RCE
Oct 28, 2023