sep 08, 2025
Exploring dns tunneling: techniques and detection
this is a sample blog post generated by chatgpt.
blog
some learnings from building and breaking things.
jan 01, 2025
Crafting Custom Payloads for Evading Modern AV Solutions
Crafting Custom Payloads for Evading Modern AV Solutions.
jan 01, 2025
Exploiting Misconfigured CORS Policies in Web Applications
Exploiting Misconfigured CORS Policies in Web Applications.
jan 01, 2025
Privilege Escalation on Linux: Exploiting SUID Binaries and Misconfigurations
Privilege Escalation on Linux: Exploiting SUID Binaries and Misconfigurations.
jan 01, 2025
Windows Privilege Escalation: Leveraging Token Impersonation and UAC Bypasses
Windows Privilege Escalation: Leveraging Token Impersonation and UAC Bypasses.
jan 01, 2025
Weaponizing PowerShell for Red Team Operations
Weaponizing PowerShell for Red Team Operations.
jan 01, 2025
Exploiting Remote Code Execution in Modern Web Frameworks
Exploiting Remote Code Execution in Modern Web Frameworks.
jan 01, 2025
Bypassing Application Whitelisting with LOLBins
Bypassing Application Whitelisting with LOLBins.
jan 01, 2025
Abusing Kerberos: Golden and Silver Ticket Attacks Explained
Abusing Kerberos: Golden and Silver Ticket Attacks Explained.
jan 01, 2025
Advanced Phishing: Crafting HTML Smuggling and Obfuscated JavaScript
Advanced Phishing: Crafting HTML Smuggling and Obfuscated JavaScript.
jan 01, 2025
Exploiting Deserialization Vulnerabilities in Java and .NET Applications
Exploiting Deserialization Vulnerabilities in Java and .NET Applications.
jan 01, 2025
Hacking IoT Devices: Reverse-Engineering Firmware for Vulnerabilities
Hacking IoT Devices: Reverse-Engineering Firmware for Vulnerabilities.
jan 01, 2025
Chaining XSS to RCE: Advanced Cross-Site Scripting Techniques
Chaining XSS to RCE: Advanced Cross-Site Scripting Techniques.
jan 01, 2025
Attacking GraphQL APIs: Enumeration and Data Extraction Techniques
Attacking GraphQL APIs: Enumeration and Data Extraction Techniques.
jan 01, 2025
Exploiting Misconfigured AWS S Buckets for Data Exfiltration
Exploiting Misconfigured AWS S Buckets for Data Exfiltration.
jan 01, 2025
Post-Exploitation Persistence: Advanced Techniques for Maintaining Access
Post-Exploitation Persistence: Advanced Techniques for Maintaining Access.
jan 01, 2025
Cracking Password Hashes: Optimizing Hashcat for Speed and Success
Cracking Password Hashes: Optimizing Hashcat for Speed and Success.
jan 01, 2025
Abusing Docker Misconfigurations for Container Breakout
Abusing Docker Misconfigurations for Container Breakout.
jan 01, 2025
Exploiting Server-Side Request Forgery (SSRF) for Internal Network Access
Exploiting Server-Side Request Forgery (SSRF) for Internal Network Access.
jan 01, 2025
Writing Custom Exploits for Buffer Overflows in
Writing Custom Exploits for Buffer Overflows in.
jan 01, 2025
Attacking Modern Authentication: OAuth Misconfigurations and Token Theft
Attacking Modern Authentication: OAuth Misconfigurations and Token Theft.