The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic ...

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. Tool and payload development ...

uint64_t mmio_va = *(uint64_t *)(softc + IOMMU_SC_MMIO_VA); uint64_t cb2_va = *(uint64_t *)(softc + IOMMU_SC_CB2_PTR); uint64_t cb3_va = *(uint64_t *)(softc + IOMMU ...

Abstract: Developing a remote exploit is not easy. It requires a comprehensive understanding of a vulnerability and delicate techniques to bypass defense mechanisms. As a result, attackers may prefer ...

Abstract: Shellcodes are short, executable code fragments that are utilized in various attack scenarios where code execution is possible. When they are injected through the program's inputs, they may ...

Resources under the "recommended" section of each chapter are the ones I would personally recommend to study with - all the other resources are also great but should be seen as either "fundamentals ...

The write-up follows the exploitation workflow from reverse engineering with Cutter to payload development and remote exploitation using Pwntools, GDB/pwndbg, Python, and Linux debugging techniques.