Building a Custom C2 Framework: Concepts and Evasion
An educational overview of command and control framework architecture, communication channels, and evasion techniques used in offensive security.
Red Team C2 Offensive Security Evasion
Blog
Writeups, research, and security insights
My Web Application Pentest Methodology
A practical guide to my personal web application penetration testing methodology, from reconnaissance to reporting.
Web Security Methodology OWASP Bug Bounty
Active Directory Attack Paths: From User to Domain Admin
Exploring common Active Directory attack paths including Kerberoasting, AS-REP Roasting, DCSync attacks, and how to identify them using BloodHound.
Active Directory Red Team Kerberos BloodHound
HackTheBox: Phantom Machine Walkthrough
A detailed walkthrough of the Phantom machine on HackTheBox, covering enumeration, initial foothold via a deserialization vulnerability, and privilege escalation through a misconfigured SUID binary.
HackTheBox CTF Linux Privilege Escalation