Blog dedicated to offensive security where i share my own researches and what i find interesting.
Exploiting an Off-By-One error using House Of Einherjar to gain chunk overlapping and arbitrary pointer return from malloc. This post talks about how Glibc works and some security mitigations in it
Read articleDeep dive on how to dump secrets from modern chromium based browsers and bypass App Bound Encryption
Read articleA variant of Mimic allows the operator to use a GUI to interact with the program
Read articleBack in 2020 Solarwinds was the victim of one of the largest breaches in history, in this post im going to analyze the tools implemented by the Thread Actors, specifically the evasion and persistence mechanisms
Read article