Malware Dev

Killing Protected Processes

Exploiting kernel mode drivers to terminate protected processes.

Malware Dev

Kernel Mode Drivers

Creating a Windows kernel mode driver to hide and kill processes.

Malware Dev

Windows Kernel Debugging

Modifying Kernel data structures to hide processes and elevate privileges.

Malware Dev

AppDomainManager Injection

Executing arbitrary code inside a .NET process.

Infrastructure

Model Context Protocol

Using Local LLM’s to perform NMap scans.

Security Engineering

Capture the Flag Exercises: Part Three

Adding security monitoring to our CTF platform.

Infrastructure

Just Enough Administration (JEA)

Exploiting PowerShell JEA configurations.

Security Engineering

Capture the Flag Exercises: Part Two

Adding vulnerabilities into our CTF environment using Ansible.

Infrastructure

dMSA Abuse

Exploiting dMSA accounts to become domain administrator.

Security Engineering

Capture the Flag Exercises: Part One

Setting up an infrastructure penetration testing CTF.

Infrastructure

Kerberos Authentication Service Cracking

Intercepting and cracking AS-REQ & AS-REP packets.

Security Engineering

Local Large Language Models

Running LLM’s on Ubuntu.