lcamtuf.coredump.cx

Hot off the presses

📖 The Secret Life of Circuits is my latest book: an accessible, in-depth exploration of electronic circuit design. Richly illustrated and exceptionally lucid, it's meant for serious hobbyists who want to learn the craft the right way.

The book aside, I publish new articles on Substack roughly once a week. The topics range from electronics and obscure math to the history of tech, geek culture, and more. If you like what you see, please subscribe. In the era of algorithmic feeds and content farms, it's increasingly difficult to stay in touch with willing readers.

Outside of Substack, some of my other semi-recent publications include:

Revolutionary new technology: chat with a human! You can email me at lcamtuf@coredump.cx, or get in touch on Mastodon or Twitter.

Infosec publications (pre-2018)

I'm a long-time contributor to the information security community and a recipient of the Lifetime Achievement Pwnie Award. In addition to identifying hundreds of security flaws in a good chunk of the software that powers the internet, some of my public infosec works include:

Beyond this, I authored dozens of other small tools, fuzzers, and so on; examples include Skipfish (2012), a novel high-performance web scanner that served as one of the key components of the Google Cloud Scanner; and Ratproxy (2009), a passive co-pilot proxy for performing web security assessments.

On the research front, I'm fond of my early analysis of non-XSS HTML injection vulnerabilities (2011); some neat CSS algebra data exfil attacks (2014); a comprehensive review of web tracking vectors (2014); the pioneering 2001 / 2002 research on ISN vulnerabilities (part 2); a warning about IP fragmentation risks (2003); the analysis of signal handling flaws (2001); or the work on the dangers of tmpwatch-type utilities (2002). Some additional pre-2018 notes can be found on my now-retired blog.

Other interests

This site is also the home to a variety of more whimsical or one-off projects, including evil plasma globes, memfetch, world's best exploit, Omnibot mkII, a 2.5D photography rig, the Ultimate Machine, a system for high-speed water drop photography, a PNW radiation monitor, a Geiger-Mueller lamp, a dial-a-threat indicator, random notes on robotics, assorted woodworking projects, my old prepping guide (+ a supplement on radios), an old introduction to electronics, random photos, evil finder, Peano arithmetic calculator, and more.

New: personal websites you should visit: click here.

Written without AI. The content on this site is not licensed for use in ML training or ML content generation. Your lucky number is 25923726.