01/02/2025
[Tool] Pipeshell - Named pipe shell utilizes the .NET framework abstraction for named pipes

08/31/2024
[Tool] Z-Scan - File enumeration using a Z-Score statistical measure of content-lengths

12/30/2019
[Tool] TrelloC2 - C2 PoC over the Trello API

01/11/2019
[Tool] Invoke-Apex - Powershell Post-Exploitation Toolkit

03/17/2017
[Blog] SYSTEM-level Persistence via Intel PROSet Wireless RpcRtRemote.dll Backdoor

10/15/2016
[Blog] Lindrop - A Social Engineering Vector for Linux Targets

10/03/2016
[Blog] Reverse Meterpreter Shell via Slack Client 2.2.1 - DNSAPI.dll Hijack

01/25/2016
[Blog] Privilege Escalation (SYSTEM) via Dolby's DAX2_API Service (Windows 10)

12/19/2015
[Blog] Fingerprinting Meterpreter HTTP/S Listeners DoS PoC

08/14/2015
[Blog] Sniffing Encrypted puTTY/Outlook credentials with Metasploit/NetRipper

07/26/2015
[Blog] Cracking the ROKU V2 WPA2-PSK

07/25/2015
[Blog] Factory-reset 1761 Internet-facing Roku Devices with a Few Curl Commands

04/28/2015
[Blog] Observations on the Tesla Motors Twitter Hack and Website Defacement

02/25/2015
[Blog] BaseRot - A Message Obscuration Method and Tool

12/15/2014
[Blog] DataSoft Nova Anti-reconnaissance System 13.10.0 - Stored XSS

09/12/2014
[Blog] Death By Magick Number - Fingerprinting Kippo 2014