offensive security & privacy research

Making cybersecurity a habit & privacy a goal

Red-team walkthroughs, DFIR toolkits, and exploit breakdowns from the field, written the way I wish I'd found them the first time.

latest_entries

49 write-ups since 2016 · pentesting, DFIR, malware dev, and privacy

2023.12.15 · AI-ThreatMaster - An AI Powered Threat Modelling Tool
2023.12.15 · Extracting Firefox Cookies
2023.12.13 · CHATGPT vs CHATGPT - Executing System Level Commands/ RCE
2023.06.09 · Unveiling GitHub Actions - Security Awareness & Reverse $hell
2022.10.20 · Hiding Malware with NTFS ADS – Windows Patching Bypass && Stealth Mode
2022.03.24 · Shell Code Injector with AES Encryption - EDR Bypass
2022.02.19 · Golden Certificate Attack - Persistence
2021.12.30 · Recon - Azure Pentesting!
2021.12.22 · Container Breakout – Mounted Docker Socket
2021.12.01 · OWASP ZAP & GITHUB ACTION – DAST Automation from Scratch
2021.12.01 · BuffEMR Walkthrough
2021.11.11 · PivotAPI Walkthrough
2021.11.01 · Disabling LSASS protection with mimidrv.sys
2021.10.26 · Burp Suite Pro Crashing with Internal Application over NTLM authentication (Http/2 Issue)
2021.08.13 · Running ShellCode in Memory | AV Evasion – VBA Version
2021.06.20 · Ripper VulnHub Walkthrough
2021.05.02 · OT HACKING - | SCADA/ModBUS Simulator
2021.04.10 · DAST Automation with BASH
2021.03.22 · Dissection of a Client-Side Attack / Broken IAM
2021.03.07 · Privacy Invasion with Pandemic | Is Omegle safe?
2021.02.14 · Jewel HackTheBox WalkThrough
2021.02.13 · Worker HTB Walkthrough
2021.02.13 · Getting Started On Azure Pentest
2020.09.25 · Admirer walkthrough HTB
2020.08.03 · Traceback walkthrough HTB
2020.07.02 · Manual Obfuscation, Encoding/ Encrypting – FUD payload
2020.06.25 · Bypass Antivirus | FUD with NXCrypt
2020.06.22 · Metasploit Reverse Handler issue on AWS-ec2/Cloud
2020.06.17 · Linux-Explorer - Live Forensics Toolbox
2020.06.13 · DFIR Tools PART 2
2020.06.02 · Bypass Windows defender & Get reverse Shell
2020.06.01 · Spinning up AWS ec2 using terraform
2020.05.13 · DFIR Tools PART 1
2020.04.11 · Traverxec walkthrough HTB
2020.03.28 · Postman walkthrough HTB
2020.03.06 · Script to Automate Installing Pentest Tools
2020.02.28 · What do I think of Hack the box ?
2020.01.28 · PHP backdoor with Weevely
2020.01.28 · Security Onion
2020.01.22 · IOT Security & Performance comparison of cryptographic algorithms
2020.01.14 · SIEM with ELK
2020.01.10 · Static code Analysis Tools
2020.01.10 · How to setup Nebula VPN connection
2019.09.28 · ElasticSearch and WebDav Exploits
2019.09.27 · Surveillance or Privacy - Ross Anderson
2018.09.28 · Does Qubes Air solves all the security concerns ?
2017.09.28 · Jenkins Exploit
2016.09.28 · ManageEngine Desktop Central (MEDC) Exploit
2016.01.26 · Cybersecurity as Realpolitik by Dan Geer

// about

One researcher, one blog, no fluff.

San3ncrypt3d Inc. documents real offensive-security work: HackTheBox walkthroughs, AV/EDR evasion research, cloud and OT pentesting, and digital forensics, published as it's learned, not polished after the fact.

49 write-ups published · writing since 2016 · 9+ domains covered