Security Research
Thoughts, writeups, and research on offensive security and evasion.
The Local LLM Trojan Horse
Local LLMs are catching up to cloud models fast. And because nobody truly understands what's inside them, finetuning one to behave badly is easier than you think.
Injecting CDP into a Running Edge Browser: A Deep Dive into Runtime Browser Instrumentation
Reverse engineering Microsoft Edge to enable the Chrome DevTools Protocol on a live browser process without a restart, for Red Team operations.
Building a RASP: Inside the Application's Mind
A journey into building a Runtime Application Self-Protection (RASP) system for Python from scratch.
Evasive C2: The Final Polish
Advanced evasion topics: Beacon Object Files (BOFs) and Ekko Sleep Obfuscation.
Evasive C2: In-Memory Execution
Techniques for in-memory execution, including Fork & Run, PPID Spoofing, and Named Pipe redirection.
Evasive C2: Avoiding Hooks
Exploring advanced Windows evasion techniques including Direct/Indirect Syscalls and PEB walking.
Evasive C2: Talking to our agent
Deep dive into the Communication Layer of C24U, covering HTTP/S, DNS Tunneling, and SOCKS5.
Evasive C2: Why and How
Chronicle of building C24U, a production-grade C2 framework, from scratch.
CTwobe: Hiding Command & Control in YouTube Traffic
A deep dive into building a covert C2 framework that uses YouTube for command execution and data exfiltration.
My Road to OSCE3: Lessons, Challenges, and Triumphs
My personal experience going from a newcomer to cyber security to OSCE3.