Identifying web content to launch further attacks.
Cross Site Scripting (XSS)
Injecting malicious code into web applications.
Shellcode Obfuscation
Encoding Shellcode for use within malware.
Hack The Box Certified Bug Bounty Hunter (HTB CBBH)
A review of the CBBH course and exam.
Import Address Tables
Hiding IAT entries to evade detection.
802.11 Wireless Attacks
Ways of gaining access to WPA-PSK networks.
Cobalt Strike
Getting started with Cobalt Strike.
Local File Inclusion (LFI) Attacks
Exploiting LFI vulnerabilities in web applications.
Flask Session Cookies
Decoding Flask signed session cookies.
Server Side Template Injection (SSTI)
SSTI attacks against Python Flask applications.
Cyber Apocalypse 2023
Cyber Apocalypse CTF 2023 challenge writeups.
Malicious Nim Code
Using Nim to write some simple tools.
System Call Execution
Writing a process injection tool using direct system calls.
Headless Linux Disk Encryption
Unlocking LUKS encrypted disks remotely.
Windows x64 Reverse Shellcode
Reverse shells in x64 assembly.
Windows x64 Shellcode Development
Writing Shellcode for Windows 11.
ClickOnce Droppers
Creating a ClickOnce installer for Phishing campaigns.
Kerberos Delegation Attacks
Exploiting constrained, unconstrained and resource based delegation.