All Posts
Persistence with VSCode plugin backdoors
How to achieve persistence by backdooring installed VSCode plugins
Instrumentalizing Electron: Proxy Injection
How to force Electron applications into using your HTTP proxy
Hackvent 2023
Writeups for some Hackvent 2023 challenges
COMfiltrat0r - Exfiltrating Data Like It's 1995
Bypassing USB storage poilicies using WebSerial and microcontrollers
Hacky Easter 2023 - Bash Crash
A writeup for the Hacky Easter 2023 challenge Bash Crash
mitmproxy on a Raspberry Pi
A guide on how to set up mitmproxy on a Raspberry Pi for LAN and Wi-Fi MitM
D-Link DNR-322L - CVE-2022-40799 (Auth. RCE)
How I gained code execution on a DVR by uploading a malicious backup
D-Link DCS-5222 - UART, uBoot, u root
Getting a root shell by manipulating uBoot parameters via UART
Avoiding Accidental Travel Bans
Learning Golang and writing a small tool to filter IP addresses per country
Pivoting with Chisel
How to use chisel to pivot between machines and networks
Active Directory Cheatsheet
My AD cheatsheet which helped my through my OSCP exam
My OSCP Journey
My OSCP journey alongside tips, tricks and how to fail with 70p
Evil Bookmarks PoC - Abusing User Habits
Replacing bookmarks post-exploit for fun and profit
A Poor Attempt at Hacking my Toothbrush
Investigating possible planned obsolescence in my toothbrush
PowerPhish - PowerShell Post Exploit Phishing
Using PowerShell to make post-exploit phishing forms