2025 Wrapped

Blog post about 2025 Wrap & Reflection

Some thoughts around Django SQL Injection CVE-2025-64459

Claude Code for Security Analysis: Introducing SecureFlow CLI to Hunt Security Vulnerabilities

AI-powered security scanning tool using agentic loops to hunt vulnerabilities - discovered 300+ issues in WordPress plugins with 12+ AI model support and DefectDojo integration.

Exploring fun parts of Neural Network

A purely exploratory blog post with thoughts on neural networks

Rethinking MCP or Tool Calling Through Permission Based System

Explore a permission-based security model for MCP and Tool Calling in LLMs, inspired by Android's runtime permissions, to protect sensitive data while maintaining functionality.

Static Analysis Isn't Enough: Understanding Library Interactions for Effective Data Flow Tracking

Static analysis tools go blind without understanding library calls – learn why modeling them is critical for finding real security flaws.

Lessons from Building Sherlock: Automating Security Code Reviews with Sourcegraph

Explore how Sherlock leverages Sourcegraph to automate security code reviews, enhancing productivity and ensuring robust code security.

LLM-Powered Security Reviews: Insights and Challenges

Exploring the potential and challenges of LLM-assisted security reviews

How I Use AI to Streamline/Assist My Work

A short blog post on how I leverage LLMs (AI) to streamline or assist my work

2024 Wrapped

Blog post about 2024 Wrap & Reflection