A Beginner’s Guide to the CVE process

Before I got into the security field full time, I made it my goal to someday discover a previously unpublished […]

Compromise a DCOS Server through a Docker Container

Ever wonder how you can use a docker container to compromise the host? There is a simple process to do so, if […]

Making Raw Syscalls on Windows From Python

Often times while writing a proof of concept for an exploit or doing vulnerability research its necessary to make a […]

Running a Data URI Phishing Campaign with King Phisher

Data URI Phishing with King Phisher One of the newest techniques being blogged about in the security world is phishing […]

I’ve Got 1.2 Million Keys But A Private Ain’t One

GitHub has grown in popularity over the past few years as one of the defacto standard locations to share and […]

An Analysis of MS16-098 / ZDI-16-453

This past patch Tuesday, Microsoft released MS16-098, a patch for multiple vulnerabilities in “Kernel-Mode Drivers”. Within this patch, the vulnerability identified […]