FaviCreep
01Attack surface discovery through favicon fingerprinting. Enumerates subdomains, hashes favicons via mmh3, clusters infrastructure sharing identical branding, and pivots to Shodan for internet-wide asset correlation.
Anmol Singh Yadav
अनमोल सिंह यादव
Security Researcher · Infrastructure Defense
I engineer the systems that find vulnerabilities before attackers do — spanning cloud-native defense, AI runtime isolation, and large-scale threat intelligence.
About
I think in systems. My work focuses on understanding how infrastructure fails — and building the detection and defense layers that prevent those failures from becoming breaches. I operate across cloud-native security, runtime isolation, and AI system hardening.
I approach security as an engineering discipline: systematic threat modeling, reproducible exploit research, and defense architectures that scale. My research spans container security, credential exposure analysis, and attack surface mapping through unconventional signals.
– AI Runtime Security
– Cloud Native Defense
– Infrastructure Security
– Runtime Isolation
– Threat Intelligence
Projects I've Built
AWS Key Hunter
02Automated credential exposure scanner that monitors GitHub commits in real-time for leaked AWS keys. Detects in plaintext and base64, validates against AWS APIs, and delivers instant Discord alerts.
CVE-2007-2447 Exploit
03Standalone exploit for the Samba "username map script" command injection vulnerability. Written in Go as a study in vulnerability research methodology — protocol-level flaws to RCE.
Writing & Research
Blog
Dockerfile Security Best Practices: How to Build Secure Containers
↗
InfoSec Write-ups
How I Learned x86 Disassembly to Analyze Malware
↗
Blog
Top 10 Firewall / IDS Evasion Techniques
↗
InfoSec Write-ups
Rise of the Zombie Process: How the Dead Can Still Haunt Your System
↗
InfoSec Write-ups
Why Your Favicon Might Be Exposing Your Infrastructure
↗
Blog
How I Found 100+ Exposed AWS Keys in Public Git Repos
↗
Current Focus
–
Researching AI runtime security boundaries — how LLM-powered agents can be isolated from host infrastructure without sacrificing execution fidelity.
–
Building distributed threat intelligence pipelines that aggregate, correlate, and surface credential exposure patterns across public code repositories.
–
Studying container escape vectors and runtime isolation models in Kubernetes environments — understanding where the boundaries actually break.