Michael Rowley

Researching & Developing Secure Software

About Me

I'm an enthusiastic software engineer and cybersecurity researcher responsibly disclosing critical software vulnerabilities in interesting technology.

Projects & Published Vulnerabilities

Timing Side Channel Attacks

An introduction to how timing discrepancies can be exploited in commmon implementations of functions specified in the C/C++/PHP standards, as well as the different ways that such vulnerabilities can be identified, patched, and avoided.



Predictable RNG deployed for token generation in PKP-lib.



Out of bounds read in GPAC's 'vobsub' processing system.

HTTP Debugger


Insufficient kernel-mode access control.


A cross-platform SOCKS4(a)/SOCKS5(h) proxy with integrated Lua plugin support that allows users to extend the core functionality to suit specialized needs.

Race Conditions to Exploit Windows Drivers

A deep-dive into how CVE-2023-35863 was discovered with the help of PE-imports, Ghidra, and a range of techniques to gain access to a kernel-mode driver providing plaintext access to users' HTTPS traffic.


A Python script that enumerates over files or directories, printing the static imports of all executables that it finds. Useful when identifying interesting drivers to further research.



Server side request forgery in Calibre's 'book cover' retrieval system.

Apache Pulsar


Insufficient SSL certificate verification in Pulsar's OAuth2.0 credential flow.



Bypass for SSRF protections in Gogs, a self-hosted Git application.

DLL Sideloading

A Windows tool for use in triaging and identifying DLL sideloading/hijacking vulnerabilities in running processes by hooking relevant functions at runtime.


A performant, secure C++ library which leverages the boost.asio framework to deliver an object-oriented networking model that can easily be used by other programs. This project was written in C++ (17/20) and supported early versions of Selino (see above).

SSRF to Bypass Firewalls

Reviewing how server side request forgery (SSRF) could be used to transmit data between firewalled networks without triggering IP or domain-based blacklists, or by leveraging SSRF to pass data through whitelisted endpoints.


A simplistic UI-driven interpreter of a limited ARM subset. Written in C++ using the Qt Framework and designed with future modularity in mind, making additions to the instruction-set extremely simple.


A Windows tool for monitoring websites for source-level changes in content, this project is configurable via regular expressions, timeouts, custom user-agents, and exportable (encrypted) configuration files. Written in C# using the .NET framework and WinForms for the user-interface.


A command-line application that allows users to explore the internals of PNG image files and their comprising chunks. Written in modern C and thoroughly tested using fuzzing (AFL-Fuzz) and a code assurance platform (Codacy).