Software engineer @ ???? (check back Oct 1st 👀), contributor @firefox, perf @nodejs + many side projects.

Projects

porffor

A basic experimental AOT optimizing JS -> Wasm compiler (and more) in JS

test262.fyi

View many JS engines' test262 (standard ECMAScript test suite) results online

OpenAsar

Rewrite of some Discord desktop code with more perf

arRPC

Open implementation of Discord's local RPC server

Capybara

Tiny fast robust Squirrel.Windows alternative

Posts

Discord 0-click XSS to RCE (2022)

IPC allowlist bypass allowing to arbitary IPC calls setting a malicious update endpoint

Discord 1-click XSS to RCE (2020)

Path traversal in an Electron app leading to NodeJS execution from browser