Incompetent people and Low-level programmingI know people who are very competent in the cybersecurity field, like me, but there are not many. I was always wondering for a long time, why do people avoi...

Weird cyberwarfare and exploiting military equipmentSometimes when night falls and everything feels quiet and liminal, I lie on my bed and ask myself, “What is the weirdest place that I got when pivot...

How I developed x64 reverse shell shellcodeToday I was thinking about how many penetration testers use prebuilt implants in order to gain a shell on the target machine. I also often use meterpreter im...

How I exploited Intel’s Active Management Technology in ChinaIn previous blog, I talked about how I managed to exploit the Russian guy’s Orange Pi 5 and persisted it. In this blog, I want to explain h...

How I hacked Russian guy with ADB ShellEveryone knows how the internet works. If you have anything open, you’ll most likely get hacked. I would like to talk about some Russian guy/girl (I don’t k...

Implementing Hill Cipher in C++Everyone knows that encryption/decryption is very important when writing malware. That can be used for everything, starting from obfuscating strings and shellcodes ...

Attacking Russian scam website (Part I)I know a guy who lives in the U.S., and he told me that he received a suspicious email from Russians. They offered him a job, but he had to fill out a form that ...

Forcing “dead” Radxa 4C+ to boot (Part I)Several days ago I got my hands on Radxa 4C+ which is an alternative for Raspberry PI. I tried booting it, but it didn’t work. At first I thought it was happen...

Squid loves to pass stuff around…No exploits?This CTF was quite interesting because there were no exploit PoCs initially, unlike other challenges. This time there is a Windows server that hosts Squid ...

Mailing a plastic explosiveIn this challenge I’m going to mail a C4 plastic explosive to the host. When this explodes, it leaves a small hole where we can enter to interact with root shell. To be hone...