Hexxed BitHeadz

Blogs

Hexxed BitHeadz
  • Aromak gets shiny-OSEP!

    Aromak gets shiny-OSEP!

    You know how every family has their own little traditions; like baking cookies for Christmas or taking down the decorations on January 1st? In the Hexxed BitHeadz house, when someone hits a milestone, we trade a technical writeups for a for a quick reflection about our recent win. Well, as of 11/8/25, I am OFFICIALLY…

  • Out Of Office – BSides Buffalo

    Out Of Office – BSides Buffalo

    This month we’re pushing out June’s blog slightly early, as we are currently heading to Buffalo New York for BSides. We are thrilled to have been accepted to share our talk: “A New Host Touches the Beacon” once again. We’ve updated the slides and cannot wait to show off our newest version of this incredibly…

  • Notepad(p)esky(p)lugins

    Notepad(p)esky(p)lugins

    It was only months ago we got to go do our very first cyber related talk at BSides Las Vegas, which involved demoing how a malicious DLL mod for Skyrim could look like.  At the end, during Q&A, someone asked a question along the lines of “How many corporate computers do think have Skyrim installed?”…

  • The One Where FPGA Says Hello and Lights Up

    The One Where FPGA Says Hello and Lights Up

    Have you ever had that feeling when someone mentions anything at work or a social setting, and you’re like, “Hm, sounds interesting!” You know that moment when you know you’ve heard the term before, but you don’t have a good understanding of what it actually is. Yeah…. That’s FPGA for me (or at least, it…

  • V.I.T.A. (Variations In The Acronym!)

    V.I.T.A. (Variations In The Acronym!)

    Introducing VITA! – “Vulnerability and Intrusion Threat Analyzer”! … or maybe…. “Virus Identification and Threat Assessment”….. “Verification of Intrusions, Threats, and Anomalies”? Since I cannot seem to settle on one, it’s probably best for you to just pick the one you like best. Throughout one’s pentesting / malware development or analysis journey, one will typically…

  • Conjuring Reverse Tunnels with Ligolo

    Conjuring Reverse Tunnels with Ligolo

    During this OSCP journey I’ve embarked on in the past few months, the topic of tunneling and pivoting was covered. One night I got frustrated using SOCKS and all of those things, so I went to the OSCP Discord channel, where Ligolo came up as a recommended tool for tunneling. I asked Aromak if he…

  • A walk on the blue side: Part 3

    A walk on the blue side: Part 3

    In my previous blog, I show off how I was able to get Wazuh up and running on an Ubuntu VM, 4 agents installed on 4 separate Raspberry Pis, and 1 agent on a Windows 10 VM. I dove into configurations and testing to understand the beginning fundamentals of Wazuh SIEM. The goal of this…

  • OOO – BSides / DefCon

    OOO – BSides / DefCon

    Here we are, August 2024. Exactly 1 year past the creation of Hexxed BitHeadz. Back on our way to BSides and DefCon Las Vegas, same as we’ve done every year for several years now. Well… Not quite the same… Assembling these articles every month has proven to keep us open minded and deeply involved in…

  • A walk on the blue side: Part 2

    A walk on the blue side: Part 2

    Welcome BACK to my Blue Side adventures. For several years now, I have practiced setting up home lab environments for the sake of practicing penetration testing and red team methodologies. I bet I still have quite a collection of VulnHubs on a drive somewhere around here. But something that has been missing, is getting a…

  • Visible Ink, Invisible Bias

    Visible Ink, Invisible Bias

    The tattoo represents not only a willingness to accept pain – to endure it – but a need to actively embrace it. Because life is painful – beautiful but painful. I’ve always found tattoos interesting. However, my drawing skills are limited to uneven heart shapes, weird trees, and something that may or may not be…

  • A walk on the blue side: Part 1

    A walk on the blue side: Part 1

    Sun Tzu, the renowned strategist, once said “Know your enemy and know yourself and you can fight a hundred battles without disaster.” So how does a Red Team operator be as cool and knowledgeable as Sun Tzu? How can a Red Team operator “Know the enemy”? In this context I do refer to the Blue Team side…

  • Ctrl + Alt + LOL: AI Junior Pentester Edition

    Ctrl + Alt + LOL: AI Junior Pentester Edition

    Artificial Intelligence! What a time to be alive! Students use it to attempt cheating, workers are using AI to train AI, lawyers use in court, CEO’s use to generate articles, inexperience web developers use it to fix website components 🥴, etc. It’s probably easy to say at this point, a lot of us have found…

Pages

Follow us

Bluesky

Etsy

GitHub