Hi, I’m Avanthika 👋
I’m a cybersecurity master’s student, a CTF player and a curious learner who likes reading code, digging into bugs, and trying to understand how vulnerabilities actually happen.
My journey into security started around four years ago through Capture The Flag competitions. I was fortunate to learn alongside incredible people in Team bi0s and Team Shakti, two of India’s top CTF teams.
Those communities shaped the way I approach problems - breaking things down, reading the code, and figuring out why something behaves the way it does.
For the past year I’ve been deep into CVE analysis. I pick a vulnerability disclosure, read the patch, reverse it to understand the original bug, then reproduce it locally and trace the root cause through the source. Most of this ends up being Java — frameworks, application servers, libraries, which means a lot of time reading through internals that weren’t really meant to be read.
It’s slow work, but it’s the kind of understanding that actually sticks.
This blog is where I document that process. The posts are long(really long sometimes..). I write the kind of deep-dive I wish had existed when I was first figuring something out: the context, the wrong turns, the moment where the thing finally makes sense. If you’re here for quick summaries, this probably isn’t the right place. If you want to actually understand how something works, stick around. Most posts here are deep dives into vulnerabilities, patch analysis, or things I discovered while experimenting with code.
Before starting this blog, I published a write-up here:
🔗 Analysing CVE-2024-24942 leading to unauthenticated Path Traversal
You can also find some of my CTF notes here:
What I’m Into
What I spend time on:
- CVE reproduction and root-cause analysis
- Reverse engineering patches to understand what actually changed
- Java source code analysis and understanding framework internals
- CTFs (web exploitation)
- AI and agentic security
- Supply chain security
Outside Security
When I’m stuck on something, or taking a break from reading code, you’ll probably find me:
- Reading fiction.(Find me on GoodReads)
- Planning future trips in my head :)