Hello, I'm

Rodolfo Tavares

$ whoami incogbyte

Offensive Security | Mobile Hacking | Reverse Engineering

Read Blog About Me

# Latest Posts

Mar 17, 2026

writeup

Second Order SQL Injection in phpIPAM 1.7.4 (CVE-2026-4189) Back in 2022, I found a SQL injection in phpIPAM 1.4.4 …

Jun 02, 2025

In this challenge, you’ll be working with a fictitious app called Run Time, which tracks your steps while running. Your …

May 31, 2025

Introduction The Captain No Hooks lab provides an in-depth exploration of iOS RASP (Runtime Application Self-Protection) …

May 31, 2025

Introduction In this challenge, you will explore the vulnerabilities in an internally used application named Time Trap, …

May 31, 2025

Introduction The Gotham Times lab provides an in-depth exploration of iOS webviews and their security implications. This …

May 30, 2025

Flipcoin Wallet CTF - SQL Injection Challenge In this CTF challenge, I’ll explore a SQL Injection vulnerability ( …

Penetration testing, vulnerability research, and exploit development.

Android & iOS security analysis, Flutter reverse engineering, mTLS bypass.

Binary analysis, malware research, protocol reverse engineering.

Web application testing, CVE disclosures, responsible vulnerability reporting.