Tech blog post collection
Analyzing the recently disclosed critical vulnerability CVE-2026-25253 in OpenClaw (formerly Moltbot). We delve into the 1-Click RCE exploit chain that combines authentication token leakage and WebSocket hijacking in detail.
A comparative analysis of the performance of the C compiler (CCC) written by Anthropic's Claude Opus 4.6 and GCC. We explore the possibilities and limitations of AI-created compilers through the success of Linux kernel compilation and SQLite benchmark results.
Documenting the cause and solution for the 'Unknown model' error when using the Claude Opus 4.6 Thinking model in OpenClaw.
Anthropic의 최신 AI 모델 Claude Opus 4.6이 오픈소스 프로젝트에서 500개 이상의 제로데이 취약점을 발견했다. 이 글에서는 어떻게 AI가 보안 연구자처럼 취약점을 찾아냈는지, 그리고 이것이 보안 업계에 미치는 영향을 분석한다.
A detailed analysis of the cause and exploit code for the CVE-2026-25049 vulnerability, which neutralizes n8n's five-layer security with a single line of JavaScript syntax (Destructuring).
A technical analysis of the Race Condition vulnerability and its impact, discovered in the voting system of Moltbook, an AI agent social network.
An experience building a system that automatically analyzes tasks and suggests actions when you say '!cleanup' to the OpenClaw AI assistant.
A solution for the 'This version of Antigravity is no longer supported' error when using Google Antigravity in OpenClaw. This post outlines how to bypass the version check via a User-Agent patch.
My experience developing a skill for OpenClaw AI agents that detects Discord emoji reactions to facilitate user decision-making, and uploading it to GitHub. Includes issues faced during ClawdHub deployment and their solutions.
An experience building a system where the OpenClaw AI agent develops ideas on its own, tracks tasks with TODO.md, and receives user approval via Discord emojis. A new development pattern for collaborating with AI.
A chronicle of building a Next.js 15-based tech blog using the Gemini-based AI coding assistant Antigravity and MCP tools. Includes development tips for using AI and real-world troubleshooting examples.
How to resolve the TypeError and "webdriver-manager LATEST_RELEASE not found" error occurring in the latest version of Selenium.
How to resolve certificate errors that occur when capturing HTTPS traffic in Fiddler.
Exploring the JSP commons-fileupload WAF filtering bypass technique through the CCE2019 ENKI challenge
A summary of various techniques to bypass Content Security Policy
An explanation of XSS filtering bypass techniques and principles utilizing the new features of ECMAScript.
WAF and filtering bypass techniques derived from XSS vulnerability analysis during penetration testing and bug bounties.
A collection of SQL Injection bypass techniques learned while solving web hacking wargames.