The Operator and the Oracle: What We Sacrifice When We Stop Thinking for Ourselves
Are you using AI to become better at your craft, or are you using it to avoid the friction that produces craft in the first place?…
From Gimme Shelter to Safe Harbor: A Casual Spin on Process Hunting
In the field, you need tools that do exactly what they say without the fluff. Safe Harbor is one of those tools - a BOF to help operators quickly identify processes that are convenient for covert operations. It serves two purposes: one, to locate "safe" processes during post-exploitation,…
BadSuccessor: Abusing dMSAs for AD Domination
After Akamai’s publication of BadSuccessor, I set out to research and reproduce the exploit. In this post I cover: an overview of the vulnerability as disclosed by Akamai researcher Yuval Gordon; how I stood up a Windows Server 2025 DC in my existing GOAD domain lab ; my .NET-based proof-of-concept…
FriendlyFire BOF: Selective Process Freezing
Introduction The objective of this research was to find a way to suppress Microsoft Teams’ ability to display new messages without forcefully terminating the application or making it visibly unresponsive. The approach taken involved analyzing the process tree, identifying dependencies, and selectively suspending non-essential threads. This document outlines the methodology…