Welcome to my GitHub Blog.
I have studied Offensive Security topics for many years and work in a highly-sensitive industry as a cybersecurity professional. Previously, I worked in Information Technology for over twenty years, and I have always been ‘fascinated’ with ‘exploitation’. I have completed all the requirements and criteria to earn the OSCP, OSCE (discontinued), and OSCE3, and OSEE certifications. You can find me on GitHub and LinkedIn. And you can view my Offensive Security credentials on Accredible.
Here I will write about things I find interesting, and hopefully about things that I struggle to find elsewhere.
I have a Public PGP key if you want to send me something securely: john.tear[at]icloud[dot]com.
Posts
| October 2025 - Physical Memory Read/Write Primitive | May 2025 - Faking Remote Procedure Calls |
| May 2025 - HEVD Double-fetch Privilege Escalation without Shellcode | May 2025 - WDEG StackPivot Bypass |
| February 2025 - HEVD Double-fetch Walkthrough on Windows 2022 - Revisited | January 2025 - Controlling the Stack |
| October 2024 - HEVD Double-fetch Walkthrough on Windows 2022 - Part 1, Part 2 | January 2025 - All the Leaks |
| September 2024 - Doubly-Linked Lists in the Windows Kernel | January 2025 - Shellcode Execution |
| August 2024 - HEVD Type Confusion Walkthrough on Windows 2022 - Part 1, Part 2, Part 3 | December 2024 - Mixing it up: ROP and COP |
| January 2025 - Low Fragmentation Heap Behaviour | August 2024 - CVE-2017-4905, ESXi, Workstation, and Fusion have Uninitialized memory usage |
| December 2024 - Use After Free (UaF) Bugs and Virtual Function Tables |
| August 2024 - VulnLab Reaper 2 Walkthrough | September 2024 - Exploring x64 Calling Conventions |
| July 2024 - VulnLab Reaper Walkthrough |
Older Posts
February 2023 - Introduction
February 2023 - x86 32-Bit Architecture
February 2023 - A Little Bit of Assembly Code
December 2022 - Finding Windows APIs for ROP Chaining
June 2022 - Deserialization - Object Instantiation for Remote Code Execution
August 2022 - Javulna Auth Bypass and RCE Walkthrough
January 2022 - Syn Breeze Revisited Part 1, Part 2, Part 3
Comments
Feel free to leave comments or questions for this blog post. Please be respectful, I will moderate comments and reserve the right to remove them.