$ whoami

Jonas Resch

Offensive Security // Vulnerability Research // CS Student

Computer science student specializing in IT security at Mittweida University of Applied Sciences, where I also work as a student at the university's data center. I spend my time rooting machines on HackTheBox, researching vulnerabilities, and lately digging into offensive AI.

HackTheBox Top 500 B.Sc. CS (IT Security) @ Mittweida Working Student @ HSMW NCC
View Projects Read Writeups
01 // About

About Me

I study Computer Science with a focus on IT security at Mittweida University of Applied Sciences (Germany), and work as a student at the university's data center.

Most of my hands-on experience comes from offensive security. I spend a lot of time on HackTheBox going from initial foothold to root on Linux and Windows targets, completed the Solar Pro Lab, and sit around the global top 500. I'm also part of the RaptX team.

On the research side, a source-code review of Gogs led to CVE-2026-24135. Right now I'm pushing into offensive AI, exploring how AI systems can be attacked and how AI changes the way offensive work gets done.

Machine Exploitation

Boot-to-root on HackTheBox: enumeration, exploitation, and privilege escalation across Linux and Windows. Solar Pro Lab completed; around the global top 500.

Vulnerability Research

Reading code to find bugs and disclosing them responsibly. A source review of Gogs led to CVE-2026-24135, an arbitrary file deletion via path traversal.

University Data Center

I work as a student at Mittweida University's data center, putting security skills to use in a real production environment.

Offensive AI

My current rabbit hole: how machine-learning systems can be attacked, and how AI is reshaping the offensive toolkit.

02 // Projects

Projects

Open-source tools and utilities I've built and maintain.

Hardware Hacking

FlipperZero BadUSB

Next-generation modular payload system for Flipper Zero BadUSB, with advanced DuckyScript payloads and remote module loading.

Python PowerShell
10
Secret Scanning

Leaktor

Secrets scanner built for speed. Combines pattern matching, entropy analysis, and live validation to catch leaked credentials before they hit production.

Rust CLI
5
Systems

Inscribe

Fast, elegant USB imaging for Linux. A modern, open-source alternative to balenaEtcher with a clean UI, clear progress, and power-user controls.

TypeScript Rust
4
View all repositories on GitHub
03 // Skills

Tech Stack

The tools I reach for most across recon, exploitation, and post-exploitation. A representative slice, not the full list.

<> Languages
01
Python Bash PowerShell Rust Go
>> Web & Recon
02
Burp Suite ffuf nmap sqlmap gobuster Wireshark
## AD & Windows
03
Impacket Mimikatz Rubeus NetExec BloodHound
** Privesc & Tooling
04
Hashcat Metasploit Ghidra linPEAS / winPEAS Docker
04 // Vulnerability Research

CVE Disclosures

Responsibly disclosed vulnerabilities. Each finding goes through coordinated disclosure with the affected vendor before publication.

CVE-2026-24135 High · CVSS 7.5 Published
Jan 22, 2026

Arbitrary File Deletion via Path Traversal in Wiki Page Update

Path traversal vulnerability in the updateWikiPage function allows authenticated users to delete arbitrary files on the server via the old_title parameter.

Product
Gogs
Affected
<= 0.13.3
Patched
0.13.4
Language
Go
GitHub Advisory Full Writeup
05 // Research & Writing

Latest Writeups

CVE disclosures, HackTheBox machines, and technical deep-dives into security topics.

CVE Feb 6, 2026 · 3 min

CVE-2026-24135: Arbitrary File Deletion in Gogs via Wiki Path Traversal

A path traversal vulnerability in Gogs' wiki update function allows authenticated users to delete arbitrary files on the server by manipulating the old_title parameter.

#cve #path-traversal #gogs #file-deletion #go #responsible-disclosure
View all writeups
06 // Contact

Get in Touch

Interested in collaboration, responsible disclosure, or just want to talk security? Reach out.

GitHub
@reschjonas
LinkedIn
Jonas Resch
Medium
@reschjonas
Email
resch.jonas@pm.me
ORCID
0009-0006-6650-8853