Tech blog post collection
A summary of the ETH Zürich paper that empirically analyzes the impact of context files such as `AGENTS.md` and `CLAUDE.md` on the performance of coding agents, along with practical implications.
Analyzing the recently disclosed critical vulnerability CVE-2026-25253 in OpenClaw (formerly Moltbot). We delve into the details of the 1-Click RCE exploit chain that combines authentication token leakage and WebSocket hijacking.
A comparative analysis of the performance of the C compiler (CCC) written by Anthropic's Claude Opus 4.6 and GCC. We explore the possibilities and limitations of AI-created compilers through the success of Linux kernel compilation and SQLite benchmark results.
Documenting the cause and solution for the 'Unknown model' error when using the Claude Opus 4.6 Thinking model in OpenClaw.
Anthropic's latest AI model, Claude Opus 4.6, discovered over 500 zero-day vulnerabilities in open-source projects. This article analyzes how AI found vulnerabilities like a security researcher and the impact this has on the security industry.
A detailed analysis of the cause and exploit code of the CVE-2026-25049 vulnerability, which disabled n8n's five layers of security with a single line of JavaScript syntax (Destructuring).
A technical analysis of the Race Condition vulnerability and its impact, discovered in the voting system of Moltbook, an AI agent social network.
An experience building a system that automatically analyzes tasks and suggests actions when you say '!cleanup' to the OpenClaw AI assistant.
A solution for the 'This version of Antigravity is no longer supported' error when using Google Antigravity in OpenClaw. This post outlines how to bypass the version check via a User-Agent patch.
My experience developing a skill for OpenClaw AI agents that detects Discord emoji reactions to facilitate user decision-making, and uploading it to GitHub. Includes issues faced during ClawdHub deployment and their solutions.
An experience building a system where the OpenClaw AI agent develops ideas on its own, tracks tasks with TODO.md, and receives user approval via Discord emojis. A new development pattern for collaborating with AI.
A chronicle of building a Next.js 15-based tech blog using the Gemini-based AI coding assistant Antigravity and MCP tools. Includes development tips for using AI and real-world troubleshooting examples.
How to resolve the TypeError and "webdriver-manager LATEST_RELEASE not found" error occurring in the latest version of Selenium.
How to resolve certificate errors that occur when capturing HTTPS traffic in Fiddler.
Exploring the JSP commons-fileupload WAF filtering bypass technique through the CCE2019 ENKI challenge
A summary of various techniques to bypass Content Security Policy
An explanation of XSS filtering bypass techniques and principles utilizing the new features of ECMAScript.
WAF and filtering bypass techniques derived from XSS vulnerability analysis during penetration testing and bug bounties.
A collection of SQL Injection bypass techniques learned while solving web hacking wargames.