Blog

Introduction # When Linus Torvalds released Linux 7.1-rc41 on May 17, he flagged a documentation update as the highlight. The substance is a policy: the kernel’s security workflow is being …

Introduction # The same vendors publishing breakthrough numbers on LLM cyber capability are publishing the disclaimers in the same posts. Read both halves and the picture changes.

Introduction # On December 29, 2025, the Internet Society of China (中国互联网协会, ISC — an industry association affiliated with MIIT) published the China Internet Enterprise Comprehensive Strength Index …

Introduction # When EclecticIQ analyzed a 2023 Cobalt Strike intrusion1 at Taiwan’s Directorate General of Highways (MOTC), the most useful artifact wasn’t the malware. It was a filesystem …

In early November 2025, a massive data breach at Knownsec, a prominent Chinese cybersecurity firm with government connections, exposed over 12,000 classified documents revealing the company’s …

Note: OSWE is one of three certifications required for OSCE3 (along with OSED and OSEP), which replaced the original OSCE in 2020. I passed the Offensive Security Web Expert exam in July 2020. Now, I …

Hacking the Northpolechristmastown # l2s.northpolechristmastown.com # Letters to Santa app contains a reference to a development system in a HTML comment section. <!-- Development version --> …

Introduction # The third boot2root system in the Breach series is an intermediate challenge. This time the VM will automatically acquire an IP address via DHCP. Flag 1 # First, let’s identify …

Introduction # Breach 2.1 is meant to be beginner to intermediate boot2root/CTF challenge. The VM is configured with a static IP address (192.168.110.151) so you will need to configure your host-only …

Introduction # Breach 1.0 is meant to be beginner to intermediate boot2root/CTF challenge. The VM is configured with a static IP address (192.168.110.140) so you will need to configure your host-only …

Introduction # Word macros are one of the top sources of malware infection. Creating such a malicious macro can be done in less than 10 minutes. This article will give an insight how to perform such …

Introduction # May 2016 I had the chance to participate in the SANS SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking in Amsterdam. The course syllabus gave a good outline …

Introduction # Cracking with the desktop computer is not always a good idea. It can be quite noisy when you are trying to sleep. The room can become too hot for a hacker. And most important of all, …

Summary # Which commands are sent across the Gnome’s command-and-control channel? EXEC:iwconfig in packet 363 EXEC:cat /tmp/iwlistscan.txt in packet 573 What image appears in the photo the Gnome sent …

Update (October 2020): The OSCE certification and Cracking the Perimeter (CTP) course have been retired. They have been replaced by OSCE3, which requires passing three certifications: OSED (Windows …

Prerequisites # Exploit-Exercises: Protostar Final 0 # For this level we have got a binary listening on port 2995. Exploitation # Let’s find out what this binary is up to. 0x08049833 …

Prerequisites # Exploit-Exercises: Protostar Heap 0 # For this scenario we need to run the winner() function. To get a better idea about the binary a look at the assembly helps. 0x08048492 …

Prerequisites # Exploit-Exercises: Protostar Net 0 # For this exercise we have got a service listening on port 2999. Let’s connect and see what it does. user@protostar:/opt/protostar/bin$ telnet …

Prerequisites # Exploit-Exercises: Protostar Format 0 # First of all, we take a look at the disassembly. ... 0x08048431 <main+6>: sub $0x10,%esp 0x08048434 <main+9>: mov 0xc(%ebp),%eax ; …

Prerequisites # Exploit-Exercises: Protostar Stack 0 # For this scenario we need to overwrite the stack variable $modified. To get a better idea about the binary a look at the assembly helps. …

I received my OSCP certification via mail. The perfect time to write a short review. Try Harder!

Historical Content (2014): This article demonstrates classic stack-based buffer overflow exploitation on Windows XP SP3. Modern Windows systems include mitigations such as ASLR, DEP/NX, and CFG that …

Historical Content (2014): This article demonstrates classic stack-based buffer overflow exploitation on Windows XP SP3. Modern Windows systems include mitigations such as ASLR, DEP/NX, and CFG that …