In the field, you need tools that do exactly what they say without the fluff. Safe Harbor is one of those tools - a BOF to help operators quickly identify processes that are convenient for covert operations. It serves two purposes: one, to locate "safe" processes during post-exploitation, and two,…
After Akamai’s publication of BadSuccessor, I set out to research and reproduce the exploit. In this post I cover: an overview of the vulnerability as disclosed by Akamai researcher Yuval Gordon; how I stood up a Windows Server 2025 DC in my existing GOAD domain lab ; my .NET-based proof-of-concept…
Introduction The objective of this research was to find a way to suppress Microsoft Teams’ ability to display new messages without forcefully terminating the application or making it visibly unresponsive. The approach taken involved analyzing the process tree, identifying dependencies, and selectively suspending non-essential threads. This document outlines the methodology…
So, you're looking to dive into the world of cybersecurity but don't know where to start? You've come to the right place! In this post, I'll walk you through everything—from the basics to advanced platforms like TryHackMe, HackTheBox, and PortSwigger Academy. We'll also compare OSCP and PNPT certifications and…
SecArmy CTF (October 2020) writeup. Lateral movement, web, pwn and linux internals all in one host.…