PinnedReverse engineering Glasgow’s subway ticketsBEFORE YOU READ: This post is the result of a personal project and does not represent any person, institute, or organisation that I may…Aug 15, 20222Aug 15, 20222
Huntress CTF 2024 — OceanLocust Write-upOceanLocust was a reverse engineering challenge released on day 5 of the Huntress CTF. The challenge provided three files…Nov 1, 2024Nov 1, 2024
Huntress CTF 2024 — In Plain Sight Write-upWrite up for the In Plain Sight Huntress CTF challengeNov 1, 2024Nov 1, 2024
Capturing NTLM hashes using a USBA few years ago I wrote a blog post where I explained the different ways of making a USB automatically call back to a URL when plugged in…Sep 25, 2024Sep 25, 2024
Manually deobfuscating a JavaScript malware loaderI just got back from a camping trip over the weekend and was having some down time scrolling through Discord when I saw someone mention…Aug 19, 20241Aug 19, 20241
Invisible Threads: Finding missing people onlineWelcome to my new series where I’ll be explaining the different techniques I use to help find missing people online. I went with the name…Jul 23, 2024Jul 23, 2024
HackTheBox CTF: Metagaming Write-upThis challenge was part of the HackTheBox Cyber Apocalypse 2024 CTF competition. Metagaming was a challenge under the Reversing category…Mar 18, 2024Mar 18, 2024
HackTheBox CTF: Confinement Write-upThis challenge was part of the HackTheBox Cyber Apocalypse 2024 CTF competition. Confinement was a challenge under the Forensics category…Mar 14, 2024Mar 14, 2024
Advent of Cyber 2023: Side Quest 2 Write-upThis year I participated in the Advent of Cyber run by TryHackMe. The event consisted of daily challenges with varying levels of…Dec 28, 2023Dec 28, 2023
Advent of Cyber 2023: Side Quest 1 Write-upThis year I participated in the Advent of Cyber run by TryHackMe. The event consisted of daily challenges with varying levels of…Dec 28, 2023Dec 28, 2023
babygame02 picoCTF writeupAfter attending the PwnEd4 conference in Edinburgh and talking with different industry professionals in vulnerability research, I’ve been…Apr 7, 2023Apr 7, 2023
Reverse engineering my first CrackMeFollow my journey as I research different disassemblers and debuggers in order to reverse engineer my first CrackMe challenge.Mar 6, 2023Mar 6, 2023
Published inOSINT TeamSearching for missing people onlineLast weekend I took part in a capture the flag (CTF) competition run by Trace Labs — a crowd-sourced non-profit organisation to help…Feb 13, 20231Feb 13, 20231
USB Automatic Callback: building a USB honeypotAbsuing Microsoft Explorer remote icons to exfiltrate data from a machine.Aug 12, 2022Aug 12, 2022
CVE-2020–15139: From Self-XSS to Persistent DOM-XSSMy journey into discovering CVE-2020–15139Aug 12, 2022Aug 12, 2022