Rob Ragan

Offensive security researcher and AI agent architect. Founder of Starlog.

offensive securityAI agentspenetration testingred teamingapplication security

1135 articles

Rob Ragan is an offensive security researcher and AI agent architect who has spent two decades breaking into systems and building tools to automate the process. At Starlog, he curates expert deep-dives on the open-source tools reshaping offensive security and AI agent development.

// ARTICLES BY ROB RAGAN

Cybersecurity

PowerZure: Post-Compromise Privilege Escalation in Azure Environments

By Rob Ragan ★ 1.3k PowerShell Apr 3, 2026

AI Dev Tools

Fuzz Lightyear: Finding Authorization Bugs in Microservices Before Attackers Do

By Rob Ragan ★ 227 Python Apr 3, 2026

Automation

go-stare: Fast Web Screenshots Using Chrome DevTools Protocol Without the Headless Browser Overhead

By Rob Ragan ★ 185 Go Apr 3, 2026

Developer Tools

Browser Automation in Go: A Deep Dive into chromedp/examples

By Rob Ragan ★ 1.2k Go Apr 3, 2026

Cybersecurity

Cloudlist: Building a Multi-Cloud Asset Inventory Without the CSPM Bloat

By Rob Ragan ★ 1.0k Go Apr 3, 2026

Developer Tools

BBRF: The CouchDB-Powered Framework That Keeps Your Bug Bounty Recon Sane Across Devices

By Rob Ragan ★ 641 Python Apr 3, 2026

Developer Tools

blobs.app: How a Browser-Based SVG Generator Bridges Web and Flutter Development

By Rob Ragan ★ 484 JavaScript Apr 3, 2026

Developer Tools

Inside EDRs: How Security Products Hook Windows APIs (And How Attackers Bypass Them)

By Rob Ragan ★ 2.2k C Apr 3, 2026

Rob Ragan

// ARTICLES BY ROB RAGAN

PowerZure: Post-Compromise Privilege Escalation in Azure Environments

Fuzz Lightyear: Finding Authorization Bugs in Microservices Before Attackers Do

go-stare: Fast Web Screenshots Using Chrome DevTools Protocol Without the Headless Browser Overhead

Browser Automation in Go: A Deep Dive into chromedp/examples

Cloudlist: Building a Multi-Cloud Asset Inventory Without the CSPM Bloat

BBRF: The CouchDB-Powered Framework That Keeps Your Bug Bounty Recon Sane Across Devices

Inside Google's Security Engineering Interview: A Battle-Tested Study Guide

diodb: How a Flat JSON File Became the Security Researcher's Phone Book

hakrevdns: Why Reverse DNS Lookups Still Matter in 2024

Kiterunner: Context-Aware API Discovery Beyond Directory Brute-Forcing

blobs.app: How a Browser-Based SVG Generator Bridges Web and Flutter Development

Inside EDRs: How Security Products Hook Windows APIs (And How Attackers Bypass Them)