The Human Machine Interface
Fuzzer Development 4: Snapshots, Code-Coverage, and Fuzzing
(Jun 23, 2024)
Fuzzer Development 3: Building Bochs, MMU, and File I/O
(Mar 05, 2024)
Fuzzer Development 2: Sandboxing Syscalls
(Feb 17, 2024)
Fuzzer Development 1: The Soul of a New Machine
(Nov 04, 2023)
Escaping the Google kCTF Container with a Data-Only Exploit
(Jul 29, 2023)
PAWNYABLE UAF Walkthrough (Holstein v3)
(Oct 29, 2022)
Fuzzing Like A Caveman 6: Binary Only Snapshot Fuzzing Harness
(Apr 02, 2022)
Fuzzing Like A Caveman 5: A Code Coverage Tour for Cavepeople
(Jan 16, 2021)
CVE-2020-12928 Exploit Proof-of-Concept, Privilege Escalation in AMD Ryzen Master AMDRyzenMasterDriver.sys
(Oct 13, 2020)
Fuzzing Like A Caveman 4: Snapshot/Code Coverage Fuzzer!
(Jun 13, 2020)
Fuzzing Like A Caveman 3: Trying to Somewhat Understand The Importance Code Coverage
(May 26, 2020)
The Summer of PWN
(May 05, 2020)
HEVD Exploits -- Windows 10 x64 Stack Overflow SMEP Bypass
(May 04, 2020)
CVE-2020-12138 Exploit Proof-of-Concept, Privilege Escalation in ATI Technologies Inc. Driver atillk64.sys
(Apr 25, 2020)
HEVD Exploits -- Windows 7 x86 Use-After-Free
(Apr 23, 2020)
HEVD Exploits -- Windows 7 x86 Non-Paged Pool Overflow
(Apr 22, 2020)
HEVD Exploits -- Windows 7 x86 Integer Overflow
(Apr 20, 2020)
Fuzzing Like A Caveman 2: Improving Performance
(Apr 08, 2020)
Fuzzing Like A Caveman
(Apr 04, 2020)
HEVD Exploits -- Windows 7 x86 Uninitialized Stack Variable
(Feb 09, 2020)
HEVD Exploits -- Windows 7 x86 NULL Pointer Dereference
(Feb 03, 2020)
HEVD Exploits -- Windows 7 x86-64 Arbitrary Write
(Feb 01, 2020)
HEVD Exploits -- Windows 7 x86 Arbitrary Write
(Jan 28, 2020)
HEVD Exploits -- Windows 7 x86-64 Stack Overflow
(Jan 21, 2020)
HEVD Exploits -- Windows 7 x86 Stack Overflow
(Jan 20, 2020)
Image-Based C2 Channel Proof-of-Concept
(Dec 20, 2019)
Making Gnome Terminal Look Like XTerm
(Nov 18, 2019)
Creating Win32 ROP Chains
(Nov 02, 2019)
Win32 Reverse Shell Shellcode
(Oct 19, 2019)
Baby's First Win32 Shellcode Part 2
(Oct 19, 2019)
Baby's First Win32 Shellcode
(Oct 17, 2019)
Creating a Rootkit to Learn C
(Sep 29, 2019)
Eight Certs in 18 Months, Lessons Learned
(Aug 03, 2019)
CTP/OSCE Prep -- Wrapping Up Our Prep
(Jun 23, 2019)
CTP/OSCE Prep -- Xitami Webserver 2.5 SEH Overflow With Egghunter
(Jun 15, 2019)
CTP/OSCE Prep -- Easy File Sharing Web Server 7.2 SEH Overwrite
(Jun 13, 2019)
CTP/OSCE Prep -- Offset Helper for CTP
(Jun 07, 2019)
CTP/OSCE Prep -- 'HTER' EIP Overwrite with a Twist
(Jun 04, 2019)
CTP/OSCE Prep -- 'LTER' SEH Overwrite v2.0!
(Jun 03, 2019)
CTP/OSCE Prep -- A Noob's Approach to Alphanumeric Shellcode (LTER SEH Overwrite)
(Jun 01, 2019)
CTP/OSCE Prep -- 'LTER' SEH Snafu! and EIP Overwrite Success
(May 29, 2019)
CTP/OSCE Prep -- 'GMON' Egghunter With Character Restrictions
(May 28, 2019)
CTP/OSCE Prep -- 'GMON' Egghunter Exploit in Vulnserver
(May 27, 2019)
CTP/OSCE Prep -- 'GMON' SEH Based Overflow in Vulnserver
(May 25, 2019)
CTP/OSCE Prep -- Boofuzzing Vulnserver for EIP Overwrite
(May 24, 2019)
SLAE x86 Review
(May 15, 2019)
SLAE Assignment 7 -- Custom Crypter
(May 15, 2019)
SLAE Assignment 6 -- Polymorphic Shellcode
(May 13, 2019)
SLAE Assignment 5 -- MSF Analysis
(May 12, 2019)
SLAE Assignment 4 -- Encoder
(May 11, 2019)
SLAE Assignment 3 -- Egg Hunter
(May 08, 2019)
SLAE Assignment 2 -- TCP Reverse Shell
(May 07, 2019)
SLAE Assignment 1 -- TCP Bind Shell
(May 05, 2019)
WAPT/eWPT Review
(Apr 15, 2019)
PWK/OSCP Review
(Mar 10, 2019)