Hi! im Davis, I automate weird stuff, build web apps and bots
I'm always learning and open for new challenges more here.
Recent Blog Posts
July 11, 2026
PhaaS research: a Ledger seed phishing campaign from a Google ad
Notes on an active crypto phishing campaign impersonating Ledger — a verified Google advertiser buying "ledger" ads pointing at a typosquat that walks you through a fake firmware update and harvests your recovery phrase.
threat-intelphishingphaascryptoledgerseed-phrasemalvertising
July 8, 2026
Diving into a non documented WhatsApp anti-censorship feature
I discovered a non documented anti-censorship feature in WhatsApp that allows users to bypass censorship in certain countries.
WhatsAppAnti-CensorshipNetworkingpsiphon
June 9, 2025
PhaaS in the Wild: Dissecting the TCC Payment Page Phishing Kit
Full technical breakdown of an active Phishing-as-a-Service kit targeting Colombian banking customers. The kit impersonates logistics company TCC, runs a real-time card keylogger via an obfuscated runtime, routes victims by BIN prefix, and exfiltrates data through postMessage to a Chinese-built multi-tenant C2 platform at tcc-ayv.cc.
threat-intelphishingphaascolombiabankingreverse-engineeringobfuscationcard-skimmer