egon.dev

What It Is

egon.dev is a personal technical blog focused on cybersecurity and CTF (Capture the Flag) topics. The author uses the site to share write-ups from various CTF competitions, as well as in-depth analysis of security vulnerabilities in specific programming languages such as Kotlin. Judging from recent posts, the blog keeps up with the security community’s latest developments, including coverage of irisCTF 2025.

Core Features and Content

The blog mainly centers on the principles and exploitation of Web security vulnerabilities. In one recent article, for example, the author takes a detailed look at how Kotlin handles URLs under the hood, showing how certain “quirks” inherited from Java can be abused by attackers to carry out DNS Rebinding attacks and obtain the flag. This kind of deep analysis that connects low-level language behavior with Web attack techniques is the blog’s core value.

Pricing

As a personal blog, all articles and content on egon.dev are freely available to the public. No subscription or payment is required to read them.

Pros and Cons

Pros:

• Depth and detail: The articles go beyond simple solve scripts, digging into Kotlin/Java source code and underlying mechanisms to explain the root causes of vulnerabilities. They offer strong learning value.
• Timely coverage: The blog follows recent CTF events such as irisCTF 2025, providing timely write-ups for security enthusiasts.
• Distinctive angle: It focuses on security characteristics of specific languages such as Kotlin, helping fill technical gaps in niche areas.

Cons:

• Limited volume of content: As a personal blog, both update frequency and total article count may not match larger security communities.
• Narrow audience: The content has a relatively high barrier to entry and assumes some background in Web security and programming languages.
• Limited interaction: There are currently no obvious community interaction features, making it difficult for readers to have deeper discussions with the author.

Who It’s For

This blog is well suited to cybersecurity enthusiasts, CTF participants, and developers interested in the low-level security mechanisms of Java/Kotlin. If you are looking for a more advanced understanding of DNS Rebinding attacks, or want to explore the security boundaries of modern JVM languages, it is a useful reference.

Access from China

egon.dev is hosted on standard overseas infrastructure. Users in China can usually access it directly, with loading speed depending on network conditions. No proxy is typically needed to read the technical articles.