Research

Mar 02 2024 Who Am I? Conditional Prompt Injection Attacks with Microsoft Copilot

Nov 20 2022 Ropci deep-dive for Azure hackers

Oct 20 2022 PenTest Magazine Open Source Toolkit: ropci

Oct 20 2022 ROPC - So, you think you have MFA?

Sep 09 2022 Malicious Python Packages and Code Execution via pip download

Jul 10 2022 Offensive BPF: Using bpftrace to sniff PAM logon passwords

Jun 26 2022 Post Exploitation: Sniffing Logon Passwords with PAM

Apr 03 2022 Grabbing and cracking macOS hashes

Mar 18 2022 Flipper Zero - Initial Thoughts

Feb 28 2022 Gitlab Reconnaissance Introduction

Jan 04 2022 Log4Shell and Request Forgery Attacks

Oct 20 2021 Offensive BPF: Understanding and using bpf_probe_write_user

Oct 14 2021 Offensive BPF: Sniffing Firefox traffic with bpftrace

Oct 09 2021 Offensive BPF: What's in the bpfcc-tools box?

Oct 07 2021 Offensive BPF: Detection Ideas

Oct 06 2021 Offensive BPF: Using bpftrace to host backdoors

Oct 05 2021 Offensive BPF: Malicious bpftrace 🤯

Sep 30 2021 Offensive BPF! Getting started.

Nov 23 2020 Abusing Application Layer Gateways (NAT Slipstreaming)

Aug 24 2020 Race conditions when applying ACLs

Feb 15 2020 2600 - The Hacker Quarterly - Pass the Cookie Article

Jun 20 2019 Active Directory and MacOS

Jun 04 2019 Google Leaks Your Alternate Email Addresses to Unauthenticated Users