Blog

GPUSleep. Makes your beacon disappear into GPU memory (and eventually come back).

A small project of mine designed to move a Cobalt Strike (or really any) beacon's image and heap from memory to GPU memory before it goes to sleep, and to move everything back to the same place after the sleep.


Traefik+Nextcloud+Step-ca+Docker

Today I wanted to make a small post about how to deploy your Nextcloud instance like a boss (or not). Furthermore, we will also deploy step-ca to manage our own Certificate Authority.


GoMacro: a small utility to create Word macros with Go

A small utility and library written in Go to create Word Documents with malicious macros.


Custom DOUBLEPULSAR userland shellcode

This post is about my journey of writing my own implementation of the DOUBLEPULSAR userland shellcode.


Anatomy of an Emotet Word Document dropper

This blog post presents an analysis of the Visual Basic macro contained in a Word document sample that drops Emotet malware.


Runtime CRC-32 checksum with ASLR activated - Windows 10

This is my first blog post ever. I wanted to create a CRC-32 checksum that could work when ASLR is activated.
