Welcome to my GitHub Blog.

I have studied Offensive Security topics for many years and work in a highly-sensitive industry as a cybersecurity professional. Previously, I worked in Information Technology for over twenty years, and I have always been ‘fascinated’ with ‘exploitation’. I have completed all the requirements and criteria to earn the OSCP, OSCE (discontinued), and OSCE³ certifications. You can find me on GitHub and LinkedIn. And you can view my Offensive Security credentials on Accredible. I hope to take the OSEE at least once!

Here I will write about things I find interesting, and hopefully about things that I struggle to find elsewhere.

Posts


May 2025 - HEVD Double-fetch Privilege Escalation without Shellcode	May 2025 - Faking Remote Procedure Calls
February 2025 - HEVD Double-fetch Walkthrough on Windows 2022 - Revisited	May 2025 - WDEG StackPivot Bypass
October 2024 - HEVD Double-fetch Walkthrough on Windows 2022 - Part 1, Part 2	January 2025 - All the Leaks
September 2024 - Doubly-Linked Lists in the Windows Kernel	January 2025 - Controlling the Stack
August 2024 - HEVD Type Confusion Walkthrough on Windows 2022 - Part 1, Part 2, Part 3	January 2025 - Shellcode Execution
	December 2024 - Mixing it up: ROP and COP


January 2025 - Low Fragmentation Heap Behaviour	August 2024 - CVE-2017-4905, ESXi, Workstation, and Fusion have Uninitialized memory usage
December 2024 - Use After Free (UaF) Bugs and Virtual Function Tables


August 2024 - VulnLab Reaper 2 Walkthrough	September 2024 - Exploring x64 Calling Conventions
July 2024 - VulnLab Reaper Walkthrough

Older Posts

February 2023 - Introduction

February 2023 - x86 32-Bit Architecture

February 2023 - A Little Bit of Assembly Code

December 2022 - Finding Windows APIs for ROP Chaining

June 2022 - Deserialization - Object Instantiation for Remote Code Execution

August 2022 - Javulna Auth Bypass and RCE Walkthrough

January 2022 - Syn Breeze Revisited Part 1, Part 2, Part 3

Welcome to my GitHub Blog.

Posts

Older Posts

Comments