-
React2Shell (CVE-2025-55182)
Happy New Year and Welcome to 2026 If we were following an old sci-fi movie timeline, we’d have flying cars and autonomous cities by now. Although, at this point, it feels like we’re more likely to get Rosie the Robot first. As we wait for Rosie.. …is clear we humans are already losing this race.…
-
Re-Vita-Lized
I don’t know who the hell started this “themed GIFs” thing in our blogs, but I’m pretty sure it was Izzny. If it was indeed me, I’m still pointing at Izzny. I didn’t have a great GIF theme idea for this one right away, but I also didn’t want to be the one to ruin…
-
Challenge Accepted: FPGA Ethernet Filters
You see, kids, building an FPGA-based network filter isn’t just about blocking packets; it’s all about the design. In this blog, I’ll take you through how I created, tested, and re-tested the implementation of an Ethernet filtering system—laying the first stone of something LEGENDARY. Never seen How I Met Your Mother? Doesn’t matter. If you…
-
Notepad(p)esky(p)lugins
It was only months ago we got to go do our very first cyber related talk at BSides Las Vegas, which involved demoing how a malicious DLL mod for Skyrim could look like. At the end, during Q&A, someone asked a question along the lines of “How many corporate computers do think have Skyrim installed?”…
-
The One Where FPGA Says Hello and Lights Up
Have you ever had that feeling when someone mentions anything at work or a social setting, and you’re like, “Hm, sounds interesting!” You know that moment when you know you’ve heard the term before, but you don’t have a good understanding of what it actually is. Yeah…. That’s FPGA for me (or at least, it…
-
V.I.T.A. (Variations In The Acronym!)
Introducing VITA! – “Vulnerability and Intrusion Threat Analyzer”! … or maybe…. “Virus Identification and Threat Assessment”….. “Verification of Intrusions, Threats, and Anomalies”? Since I cannot seem to settle on one, it’s probably best for you to just pick the one you like best. Throughout one’s pentesting / malware development or analysis journey, one will typically…
-
Conjuring Reverse Tunnels with Ligolo
During this OSCP journey I’ve embarked on in the past few months, the topic of tunneling and pivoting was covered. One night I got frustrated using SOCKS and all of those things, so I went to the OSCP Discord channel, where Ligolo came up as a recommended tool for tunneling. I asked Aromak if he…
-
A walk on the blue side: Part 3
In my previous blog, I show off how I was able to get Wazuh up and running on an Ubuntu VM, 4 agents installed on 4 separate Raspberry Pis, and 1 agent on a Windows 10 VM. I dove into configurations and testing to understand the beginning fundamentals of Wazuh SIEM. The goal of this…
-
OOO – BSides / DefCon
Here we are, August 2024. Exactly 1 year past the creation of Hexxed BitHeadz. Back on our way to BSides and DefCon Las Vegas, same as we’ve done every year for several years now. Well… Not quite the same… Assembling these articles every month has proven to keep us open minded and deeply involved in…
-
A walk on the blue side: Part 2
Welcome BACK to my Blue Side adventures. For several years now, I have practiced setting up home lab environments for the sake of practicing penetration testing and red team methodologies. I bet I still have quite a collection of VulnHubs on a drive somewhere around here. But something that has been missing, is getting a…
-
Visible Ink, Invisible Bias
The tattoo represents not only a willingness to accept pain – to endure it – but a need to actively embrace it. Because life is painful – beautiful but painful. I’ve always found tattoos interesting. However, my drawing skills are limited to uneven heart shapes, weird trees, and something that may or may not be…
Blogs
1–2 minutes
