cctbp

About

cctbp is a security research blog focused on authentication and identity vulnerabilities in modern web applications.

The work here covers OAuth 2.0, OIDC, SAML, MFA bypass, session abuse, and cross-tenant edge cases — documented with reproducible attack scenarios, defender telemetry, and lab-grade writeups aimed at practitioners who work in auth-heavy environments.

Posts aren’t just descriptions of what’s possible. They’re end-to-end walkthroughs: setup, exploitation, detection, and remediation where applicable.

The Lab

Research is built alongside ShroudCloud™ — a controlled infrastructure environment for authorized auth-flow attack chains. Having a dedicated lab means scenarios are reproducible and isolated, not theoretical.

Author

Tom Stacy is a security researcher specializing in authentication and session flows in modern web applications and identity providers. He focuses on the seams where protocol specifications, real-world implementations, and business logic collide.