// offensive security research
Find the path.
Document the failure.
Long-form writing on red team operations, exploit development, initial access techniques, and building offensive tooling.
latest posts
I Put a Chatbot on Your Site
As if AI wasn’t already a headache for governance, I thought I’d add one more fun thing into the mix. AI chatbots have become prevalent across many, many...
Your Butler Is My Commander
On a recent internal engagement I came across a Jenkins installation, compromised it through some developer AD users, and started using it as a pivot into the client’s...
Visualizing AWS Relationships and Attack Paths
While performing analysis of AWS environments and attempting to identify attack paths and lateral movement opportunity, I kept wishing for something akin to BloodHound. Running tools like ScoutSuite...