So I m starting my blog with this technical writeup. I have tried to write this blog for a long time. but as I was coding and reading different books in Freetime. it took me a bit of time but here am I with this.

In this blog post I will discuss leveraging Meterpreter’s powershell module to execute .NET assemblies in-memory. Metasploit and Meterpreter are effective and useful tools, but occasionally one encounters a situation where they lack features. Cobalt Strike…

Intel Active Management Technology (AMT) is a feature provided by Intel for remote administration. Death Metal is a toolkit designed to exploit AMT’s legitimate features, as the AMT framework’s functionality, designed for innocent system administration purposes…

0 votes and 0 comments so far on Reddit

Phrack staff website.

Expression Language injection or EL Injection for short is an attack vector I'd never heard of until recently. This post talks about leveraging EL for RCE.

The cloak and dagger attack exploits a combination of drawing over other apps and the large amount of access to other apps given to…

In this first blog post in a series about Azure Security Logging, we will give a general overview of the types of logs available for Azure services including their storage options. We will also dis…

A complex attack chain incorporating the CVE-2018-20250 exploit and multiple code execution techniques attempted to run a fileless PowerShell backdoor that could allow an adversary to take full control of compromised machines.

Technical post about vulnerabilies in Nagios XI 5.5.10 which allow a remote attacker to gain root privileges on the system through an XSS, RCE and LPE.

Hey hackers! I noticed that a lot of people enjoyed my older OSINT articles (on
our old company website, we were formerly Sequoia Cyber Solutions).

Even to the point that the article got Reddit Gold on /r/netsec :)

If you've not read those, check them out…

0 votes and 0 comments so far on Reddit

This is a story about how I (re)discovered an exploitation technique and took a bug with fairly limited impact to a 5 digit bounty by…

Back when I started doing red team engagements for Komodo, bypassing AV solutions was quick and trivial, almost a ‘non-brainer.’ Just change some strings, recom

Information Security / Cyber Security Thoughts, Opinions, and Ideas!

COM Hijacking technique has a simple theoretical basis, similar to the DLL Hijacking one: What does it happen when an application searches for a non-existent COM object on the computer where it is being executed? Or when such object exists but it cannot be…

0 votes and 0 comments so far on Reddit

It was an ordinary Thursday on 4.04.2019. Except that at some point of the midday timeline an AS60280 belonging to Belarus’ NTEC leaked 18600 prefixes o...

DDoS attacks have always been a major threat to network infrastructure and web applications. Attackers are always creating new ways to exploit legitimate services for malicious purposes, forcing us to constantly research DDoS attacks in our CDN to build advanced…