I built a shellcode encoder that outputs ready-to-paste code snippets in C, C#, Go, Python, Rust, and Nim. Six encoding schemes, zero dependencies. Here's how it works and why I needed it.

EDR products hook ntdll.dll to watch your syscalls. Syscall proxying lets you slip past those hooks by borrowing clean stubs from modules the EDR didn't bother to patch.

Every CI/CD pipeline is an attack surface. From GitHub Actions to Jenkins, this post maps the common attack vectors and shows how to find them in your own infrastructure.

A CVSS 9.8 deserialization flaw in WSUS lets an unauthenticated attacker pop a SYSTEM shell on any unpatched WSUS server. No credentials required, just network access to port 8530.