Kevin K Kien | Blog

This is my blog about pentesting, aws security, application security, blockchain security.

SAMLStorm Critical Authentication Bypass in xml-crypto and Node.js libraries

25 Mar 2025

CVE-2025-29775 CVE-2025-29774 SAML protocol

SQL Injection in Go

02 Dec 2024

Golang 1-Day-Analysis

HTB BlackSky Hailstorm

15 Nov 2024

AWS Security Pentest

CVE-2024-52010 OS Command Injection

14 Nov 2024

1-Day-Analysis Golang CVE-2024-52010

CVE-2024-45601 Path traversal

01 Nov 2024

1-Day-Analysis Python CVE-2024-45601

Research DoS Vulnerability via multipart/form-data

30 Oct 2024

1-Day-Analysis Python

Vulnerability with function tarfile.extractall()

28 Oct 2024

1-Day-Analysis Python

Security for S3 from Terraform Config

13 Sep 2024

AWS Security S3

Security for KMS from Terraform Config

13 Sep 2024

AWS Security KMS

API Recon

05 Mar 2023

API Pentest

Cách Hoạt Động Của CDN

03 Mar 2023

system

Cách Hoạt Động Của HTTPS

02 Mar 2023

system

Cách Hoạt Động SSO

01 Mar 2023

system

PentesterLab XSS and MySQL

25 Dec 2022

Pentesterlab

HTB ExpressionalRebel Writeup

01 Dec 2022

hackthebox

HTB C.O.P Writeup

24 Nov 2022

hackthebox