▸ gugualiunal.com
Güney Ali ÜNAL
Security researcher · Malware analyst · WAF/AppSec
I work at the intersection of application security, malware analysis and detection, and security engineering. This site is both my professional presence and an active security research laboratory.
Recent Posts
- CVE-2023-44487: HTTP/2 Rapid Reset — The DDoS That Broke Records and Rewrote Assumptions Jun 9, 2026
Deep-dive into CVE-2023-44487, the HTTP/2 Rapid Reset vulnerability that generated 398 million requests per second and forced every major cloud provider to patch their stacks simultaneously.
- CVE-2026-33829 & The Unpatched Sibling: How Windows URI Handlers Keep Leaking Your NTLMv2 Hashes Jun 9, 2026
Deep-dive into the Snipping Tool NTLM leak, its unpatched search: URI handler twin, the decade-long history of Windows coercing NTLM authentication, and why Microsoft's servicing policy creates systematic blind spots.