-
React2Shell (CVE-2025-55182)
Happy New Year and Welcome to 2026 If we were following an old sci-fi movie timeline, we’d have flying cars and autonomous cities by now. Although, at this point, it feels like we’re more likely to get Rosie the Robot first. As we wait for Rosie.. …is clear we humans are already losing this race.…
-
A walk on the blue side: Part 1
Sun Tzu, the renowned strategist, once said “Know your enemy and know yourself and you can fight a hundred battles without disaster.” So how does a Red Team operator be as cool and knowledgeable as Sun Tzu? How can a Red Team operator “Know the enemy”? In this context I do refer to the Blue Team side…
-
Ctrl + Alt + LOL: AI Junior Pentester Edition
Artificial Intelligence! What a time to be alive! Students use it to attempt cheating, workers are using AI to train AI, lawyers use in court, CEO’s use to generate articles, inexperience web developers use it to fix website components 🥴, etc. It’s probably easy to say at this point, a lot of us have found…
-
Test drive the Pis with The Boyz
Late September… We bought 4 Raspberry Pi 4’s, and then 3 days later, the Raspberry Pi 5 were announced…. After getting over my “UGGGHHHH” emotions, I realized that I was extremely lucky that I could easily return the 4’s, preorder the 5’s, and simply wait a bit longer for the new models. It seems to…
-
Unraveling the cryptographic thread of HMAC
As a Systems Security Engineer, I spend most of my work hours diving into architecture diagrams, analyzing data flows, and conducting risk and adversarial assessments to protect systems against cyber threats (gotta 💜 being a purple teamer!). One way to protect our systems and ensure data integrity is through the implementation of Hash-based Message Authentication…
-
From Phreaks to Bytes: Hacking Through the Ages
It was just early August 2023 when we were in Vegas for BSides and DefCon. We took advantage of the pre-conference crowd and hit up a restaurant for some grub. Our server strikes up a conversation that of course leads to asking what brings us to Vegas. Proceeding to explain DefCon, he quickly catches on,…
-
CodeCraft Odyssey: A Tribute to 90s Hackers’ Tale
I am currently studying and preparing for my OSCP, 🤯 often finding myself staring at a terminal for too long. Of course, pentesting and blowing up VMs go hand in hand, so I’m repeatedly setting up VMs back the way I had them, and honestly, is quite a hassle. This is not just a blog;…
-
A New Host Touches the Beacon
Update: 6/17/2025: This talk has been remastered! New features include: New, updated textures! A more experienced speaker! Best of all, COOP mode! See what’s new in talk about hacking Skyrim in a pretty bad ass way! : BSides Buffalo New York 2025 Update: 8/7/2024: This talk was presented live at BSides Las Vegas 2024. The…
-
OSCP, a year later
It’s hard to believe that an entire year has flown by since I earned that beastly certification. Whether you’ve already secured your certification or are contemplating the journey, you might find my story intriguing—especially if all you’ve seen are those “OSCP zero to hero in X days!”. This article is your backstage pass to my…
-
Unmasking the Shadows:WebDetetive Spyware Breach
In a world where technology is advancing at a fast pace, our lives are more interconnected than ever before. Technology often empowers us to be better, to achieve our dreams, and to prosper, but with this comes a dark side. Individuals with malicious intent can invade our privacy, use technology as a weapon, a tool…
-
DefCon 31
Greetings reader! We are here to discuss this year’s DEF CON experience. If you are unfamiliar with what DEF CON is, DEF CON is one of the world’s most renowned hacker conventions held annually in Las Vegas, Nevada. Established in 1993, DEF CON provides a platform for hackers, security professionals, researchers, and enthusiasts to gather…
Blogs
1–2 minutes
