/logs — blog posts
- 2026-06-18·network·9 min read
Practical Wireless Exploitation for Red Teams
A practical playbook detailing advanced wireless offensive operations, covering corporate Wi-Fi infiltration, BLE MITM, RFID cloning, and IoT vulnerabilities.
Tags: Wireless, Wi-Fi, BLE, RFID, IoT, Offensive Security, Red Teaming
- 2026-06-09·windows·12 min
BadSuccessor: dMSA Privilege Escalation in Windows Server 2025
A complete technical breakdown of the BadSuccessor vulnerability in Windows Server 2025, explaining how dMSA migration mechanics can be abused for full domain compromise.
Tags: Active Directory, Windows Server 2025, Privilege Escalation, Red Team, Kerberos, dMSA, BadSuccessor
- 2026-06-08·windows·14 min
Shellcode 101: From Assembly to AV Evasion
Go from zero to exploit-ready: learn how shellcode works, how buffer overflows weaponize it, how to survive null bytes, generate payloads with MSFvenom, and slip past modern AV/EDR. The complete guide for CTF players and Red Teamers.
Tags: Offensive Security, Exploit Development, Shellcode, Red Teaming, CTF, Buffer Overflow, x86-64 Assembly, Penetration Testing, MSFvenom, AV Evasion, EDR Bypass
- 2026-06-04·web·13 min
CVE-2026-42945 — NGINX Rift: The 18-Year-Old RCE Hiding in Plain Sight
A critical heap buffer overflow in ngx_http_rewrite_module — hiding since 2008, CVSS 9.2, unauthenticated RCE from a single crafted request.
Tags: RCE, CVE, Nginx, Heap Overflow, Exploit
- 2026-06-03·windows·27 min
Legacy Lethality: Weaponizing OLE & VBA Macros in the GenAI Era
Enterprise endpoints keep falling to attack primitives from the early 1990s. OLE and VBA macros still dominate initial access because legacy interoperability requirements override security posture. Finance, HR, and operations depend on macro-enabled workflows, and generative AI has collapsed the skill barrier—Q1 2026 telemetry shows over 60% of macro-based malware uses AI-generated obfuscation. This post covers the full attack lifecycle: trigger mechanisms, obfuscation, in-process payload injection, direct syscalls from VBA, XLM abuse, OLE weaponization without macros, and the CVE-2026-21509 kill-bit bypass.
Tags: ole, vba, macros, red-team, malware-analysis, edr-evasion, genai, office
- 2026-05-28·windows·13 min
Hijacking Grammarly Desktop: How a Missing DLL Leads to Silent Code Execution
Grammarly Desktop is a widely used writing assistant that runs in the background on Windows, checking grammar and spelling across applications. The application runs as a trusted, signed binary. We found that Grammarly Desktop loads several Windows system libraries from its own local application folder instead of from protected system directories. Because this folder lives inside the user's AppData directory, any code running as that user can place a malicious DLL file there. When Grammarly starts, it loads and executes the attacker's code with the same privileges as the logged-in user. This post explains how the vulnerability works, demonstrates three proof-of-concept attacks, and discusses how to fix the underlying flaw.
Tags: grammarly, dll-hijacking, windows, red-team, penetration-testing, vulnerability
- 2026-05-13·network·35 min
Data Exfiltration Guide
A comprehensive red-team reference covering data exfiltration techniques across TCP, SSH, HTTP/HTTPS, ICMP, and DNS — including advanced IP-over-DNS tunneling with Iodine and HTTP tunneling with Neo-reGeorg — with operational security notes and detection guidance for each method.
Tags: data-exfiltration, network, tcp, ssh, http, https, icmp, dns, tunneling, red-team, opsec, penetration-testing
- 2023-01-12·web·18 min
CVE-2021-43798 Grafana Directory Traversal Deep Dive
Deep dive into CVE-2021-43798 — unauthenticated directory traversal in Grafana 8.x via /public/plugins/. Covers root cause, manual exploitation, URL normalization pitfalls, high-value loot targets, and automation with GrafTraverse.
Tags: grafana, cve-2021-43798, directory-traversal, lfi, web, red-team, penetration-testing, automation, graftraverse
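For the DLL-hijacking post listed above (Hijacking Grammarly Desktop), here is an added example that is not the post's or Grammarly's own code: a small Python audit for the condition the post describes, an application folder under the user's profile that is both writable by that user and used to resolve DLLs that belong in System32. The SYSTEM_DLLS and KNOWN_DLLS sets, the ExampleApp folder and its import list are constructed for the demo; on a real host you would build them from a listing of System32, the KnownDLLs registry key and the binary's import table, and check the folder's ACL rather than relying on os.access.

```python
import os
import tempfile
from pathlib import Path

# Constructed subset: DLLs Windows normally resolves from %SystemRoot%\System32.
# On a real host, build this set from a directory listing of System32.
SYSTEM_DLLS = {"version.dll", "winhttp.dll", "cryptbase.dll", "dbghelp.dll",
               "kernel32.dll", "ntdll.dll", "user32.dll", "advapi32.dll"}

# Constructed subset of the KnownDLLs list (HKLM\SYSTEM\CurrentControlSet\Control\
# Session Manager\KnownDLLs). These are always mapped from System32, so the
# application folder is never searched for them and they are excluded below.
KNOWN_DLLS = {"kernel32.dll", "ntdll.dll", "user32.dll", "advapi32.dll"}


def local_dlls(directory):
    """Lowercase basenames of the DLL files present in a directory."""
    return {p.name.lower() for p in Path(directory).iterdir()
            if p.is_file() and p.suffix.lower() == ".dll"}


def audit_app_dir(app_dir, imported_dlls, system_dlls=SYSTEM_DLLS, known_dlls=KNOWN_DLLS):
    """Report DLL search-order hijack conditions for one application folder.

    imported_dlls: names the application loads, taken from its import table or a
    loaded-module listing (constructed in demo() below).
    Returns a dict:
      writable - the current user can create files in app_dir, the precondition
                 for planting a DLL there
      shadowed - imported system DLLs that already exist as local copies in
                 app_dir (the loader takes the local copy instead of System32)
      missing  - imported system DLLs absent from app_dir; if the loader checks
                 app_dir before System32, an attacker can drop a DLL with that
                 name and have it loaded in place of the real one
    """
    imported = {n.lower() for n in imported_dlls}
    hijackable = {n.lower() for n in system_dlls} - {n.lower() for n in known_dlls}
    wanted = imported & hijackable
    local = local_dlls(app_dir)
    return {
        "writable": os.access(app_dir, os.W_OK),
        "shadowed": sorted(wanted & local),
        "missing": sorted(wanted - local),
    }


def demo():
    """Build a constructed per-user application folder and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        app_dir = Path(tmp) / "AppData" / "Local" / "ExampleApp"  # constructed path
        app_dir.mkdir(parents=True)
        (app_dir / "ExampleApp.exe").write_bytes(b"")
        (app_dir / "VERSION.dll").write_bytes(b"")  # local copy shadowing the system DLL
        imported = ["kernel32.dll", "version.dll", "winhttp.dll"]  # constructed import list
        return audit_app_dir(app_dir, imported)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Run it as-is to see the constructed case: the folder is writable, version.dll is already resolved from the application folder, and winhttp.dll is an empty slot an attacker could fill. kernel32.dll is dropped from both lists because KnownDLLs are never resolved from the application directory, which is the first thing to rule out before treating an import as a hijack candidate.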
Stay in the loop
Subscribe via RSS to get new posts delivered to your reader. Works with Feedly, Inoreader, Newsblur, and any RSS client.
