Stack Spoofing - Researching new approaches
Known ideas and new ones for call stack spoofing on Windows, with and without CET
Read articleCoruna Exploit Kit - Further investigations and reverse engineering
In early march 2026, GTIG found several domains delivering a sophisticated 1-click exploit chain for iOS and macOS devices, this is a reverse engineer and analisys of the exploits and features inside the kit
Read articlePoisoned Null Byte - Heap exploitation and GLIBC internals
Exploiting an Off-By-One error using House Of Einherjar to gain chunk overlapping and arbitrary pointer return from malloc. This post talks about how Glibc works and some security mitigations in it
Read articleSecrets dumping from modern browsers
Deep dive on how to dump secrets from modern chromium based browsers and bypass App Bound Encryption
Read articleELPACO ransomware - Malware analysis
A variant of Mimic allows the operator to use a GUI to interact with the program
Read articleSolarwinds breach - Sunburst backdoor analysis
Back in 2020 Solarwinds was the victim of one of the largest breaches in history, in this post im going to analyze the tools implemented by the Thread Actors, specifically the evasion and persistence mechanisms
Read article