From Gimme Shelter to Safe Harbor: A Casual Spin on Process Hunting

In the field, you need tools that do exactly what they say without the fluff. Safe Harbor is one of those tools - a BOF to help operators quickly identify processes that are convenient for covert operations. It serves two purposes: one, to locate "safe" processes during post-exploitation, and two,…

BadSuccessor: Abusing dMSAs for AD Domination

After Akamai’s publication of BadSuccessor, I set out to research and reproduce the exploit. In this post I cover: an overview of the vulnerability as disclosed by Akamai researcher Yuval Gordon; how I stood up a Windows Server 2025 DC in my existing GOAD domain lab ; my .NET-based proof-of-concept…

FriendlyFire BOF: Selective Process Freezing

Introduction The objective of this research was to find a way to suppress Microsoft Teams’ ability to display new messages without forcefully terminating the application or making it visibly unresponsive. The approach taken involved analyzing the process tree, identifying dependencies, and selectively suspending non-essential threads. This document outlines the methodology…

From N00b to Ninja: Hacking Your Way into Cybersecurity

So, you're looking to dive into the world of cybersecurity but don't know where to start? You've come to the right place! In this post, I'll walk you through everything—from the basics to advanced platforms like TryHackMe, HackTheBox, and PortSwigger Academy. We'll also compare OSCP and PNPT certifications and…

SecArmy OSCP Giveaway CTF Writeup

SecArmy CTF (October 2020) writeup. Lateral movement, web, pwn and linux internals all in one host.…