Knowledge Base
Research & Posts
CVE
2024-03-12 Exploiting Polkit (CVE-2021-3560): Race Condition to Root
A deep dive into the Polkit race condition vulnerability that allowed privilege escalation to root on major Linux distributions.
Web
2024-02-28 HTTP Request Smuggling: Advanced Desync Techniques
Chaining CL.TE and TE.CL desync attacks to bypass security controls and achieve account takeover.
Red Team
2024-01-15 Bypassing EDR via Direct Syscalls in 2024
Modern techniques for evading endpoint detection and response solutions using direct syscall invocations.
Malware
2023-12-01 Reverse Engineering a Modern C2 Framework
Dissecting a real-world command and control framework discovered during a red team engagement.
