Malware Dev

ICMP Tunneling

Tunneling C2 messages in ICMP traffic.

Exploit Dev

Use After Free Vulnerabilities

Exploiting use-after-free vulnerabilities.

Exploit Dev

Heap Exploitation: The House of Force

Tampering with the top chunk size field for an arbitrary write primitive.

Exploit Dev

Ubuntu 20.04 Heap Exploitation

Exploiting heap corruption on Ubuntu 20.04.

Exploit Dev

Heap Thread Cache Exploitation

Exploiting heap thread caching on glibc 2.26.

Exploit Dev

Heap Fastbin Exploitation

Double free exploitation of glibc heap fastbins.

Infrastructure

Certificate Based Persistence

Using AD CS certificates to achieve persistence in an Active Directory environment.

Infrastructure

Extracting NTLM Hashes With User Privileges

Extracting NTLM hashes without the need for Mimikatz.

Infrastructure

Offensive Security Experienced Penetration Tester (OSEP) Review

A review of the Evasion Techniques and Breaching Defences course by Offensive Security.

Exploit Dev

Dealing with Small Buffer Space

Using relative JMP instructions to escape small buffers.

Security Engineering

Blocking Outbound Docker Traffic

Blocking outbound docker traffic using an IPTables firewall.

Infrastructure

NTLM Relay Attacks

Performing NTLM relay attacks using SMB and LDAP.