Research & Blog

Written by people who do the work

Every article ships with the methodology and tooling behind it — no summaries of someone else's research.

AppSec

Auditing Payment APIs: Lessons from a Regional Fintech Bug Bounty

A field report on the most common authorization flaws we found across five Central Asian fintech products.

Dilnoza Karimova · AppSec Researcher9 min read
Blue Team

Defending University Networks on a Student Budget

How three campus security clubs in Tashkent and Almaty built monitoring stacks for under $200 a month.

Jasur Yusupov · Blue Team Lead, UzSec+7 min read
Binary Exploitation

Anatomy of a CTF-Winning Pwn Chain

Breaking down the exploit chain that took first place at UzSec+ Nationals 2026, step by step.

Aziz Nematov · CTF Team Captain12 min read
Industry

The State of Cybersecurity Hiring in Central Asia, 2026

Survey data from 400+ employers on the skills gap, salaries, and what actually gets junior hackers hired.

UzSec+ Research Team · Editorial6 min read