session_initialized — welcome
Asbawy — personal blog and dev logs
$
$
$
uptime4d 18:42:12
throughput412 kB/s
cpu22%
mem38%
threat levelLOW
- total_posts8
- categories4
- statusactive
- versionv2.0
2026-06-18severity: high
Practical Wireless Exploitation for Red Teams
A practical playbook detailing advanced wireless offensive operations, covering corporate Wi-Fi infiltration, BLE MITM, RFID cloning, and IoT vulnerabilities.
WirelessWi-FiBLERFIDIoTOffensive SecurityRed Teaming
2026-06-09severity: critical
BadSuccessor: dMSA Privilege Escalation in Windows Server 2025
A complete technical breakdown of the BadSuccessor vulnerability in Windows Server 2025, explaining how dMSA migration mechanics can be abused for full domain compromise.
Active DirectoryWindows Server 2025Privilege EscalationRed TeamKerberosdMSABadSuccessor
2026-06-08severity: medium
Shellcode 101: From Assembly to AV Evasion
Go from zero to exploit-ready: learn how shellcode works, how buffer overflows weaponize it, how to survive null bytes, generate payloads with MSFvenom, and slip past modern AV/EDR. The complete guide for CTF players and Red Teamers.
Offensive SecurityExploit DevelopmentShellcodeRed TeamingCTFBuffer Overflowx86-64 AssemblyPenetration TestingMSFvenomAV EvasionEDR Bypass
2026-06-04severity: critical
CVE-2026-42945 — NGINX Rift: The 18-Year-Old RCE Hiding in Plain Sight
A critical heap buffer overflow in ngx_http_rewrite_module — hiding since 2008, CVSS 9.2, unauthenticated RCE from a single crafted request.
RCECVENginxHeap OverflowExploit