All Posts

Preview image for the blog post Persistence with VSCode plugin backdoors

Persistence with VSCode plugin backdoors

How to achieve persistence by backdooring installed VSCode plugins

#offensive
Preview image for the blog post Instrumentalizing Electron: Proxy Injection

Instrumentalizing Electron: Proxy Injection

How to force Electron applications into using your HTTP proxy

#electron #web #reverseengineering
Preview image for the blog post Hackvent 2023

Hackvent 2023

Writeups for some Hackvent 2023 challenges

#ctf
Preview image for the blog post COMfiltrat0r - Exfiltrating Data Like It's 1995

COMfiltrat0r - Exfiltrating Data Like It's 1995

Bypassing USB storage poilicies using WebSerial and microcontrollers

#hardware #usb #browser #web #dlp
Preview image for the blog post Hacky Easter 2023 - Bash Crash

Hacky Easter 2023 - Bash Crash

A writeup for the Hacky Easter 2023 challenge Bash Crash

#ctf
Preview image for the blog post mitmproxy on a Raspberry Pi

mitmproxy on a Raspberry Pi

A guide on how to set up mitmproxy on a Raspberry Pi for LAN and Wi-Fi MitM

#web #network #reverseengineering #raspberrypi
Preview image for the blog post D-Link DNR-322L - CVE-2022-40799 (Auth. RCE)

D-Link DNR-322L - CVE-2022-40799 (Auth. RCE)

How I gained code execution on a DVR by uploading a malicious backup

#cve #hardware
Preview image for the blog post D-Link DCS-5222 - UART, uBoot, u root

D-Link DCS-5222 - UART, uBoot, u root

Getting a root shell by manipulating uBoot parameters via UART

#hardware #uart
Preview image for the blog post Avoiding Accidental Travel Bans

Avoiding Accidental Travel Bans

Learning Golang and writing a small tool to filter IP addresses per country

#web #network #golang
Preview image for the blog post Pivoting with Chisel

Pivoting with Chisel

How to use chisel to pivot between machines and networks

#oscp #certification #network
Preview image for the blog post Active Directory Cheatsheet

Active Directory Cheatsheet

My AD cheatsheet which helped my through my OSCP exam

#windows #activedirectory #cheatsheet
Preview image for the blog post My OSCP Journey

My OSCP Journey

My OSCP journey alongside tips, tricks and how to fail with 70p

#oscp #certification
Preview image for the blog post Evil Bookmarks PoC - Abusing User Habits

Evil Bookmarks PoC - Abusing User Habits

Replacing bookmarks post-exploit for fun and profit

#phishing #browser
Preview image for the blog post A Poor Attempt at Hacking my Toothbrush

A Poor Attempt at Hacking my Toothbrush

Investigating possible planned obsolescence in my toothbrush

#hardware #nfc #reverseengineering
Preview image for the blog post PowerPhish - PowerShell Post Exploit Phishing

PowerPhish - PowerShell Post Exploit Phishing

Using PowerShell to make post-exploit phishing forms

#windows #phishing #powershell