Hi there 👋

Welcome to this blog centered around pentesting, red teaming and malware development.
If you came here expecting to find a knowledgebase, I'm sorry to inform you that it is no longer publicly available.

Persistence With GPP Item-level Targeting

The list of Active Directory persistence techniques is already pretty long. This blog post adds another one to that list.

The basic idea is this: Add a new Group...

29.06.2024 · dadevel, mojeda

Detecting Sandboxes Without Syscalls

The PEB, TEB and KUSER_SHARED_DATA structs are mapped into the memory space of every process. They provide a wealth of information to the process and can be accessed without...

19.04.2024 · dadevel

Pwning Arcserve Backup Infrastructure

During a recent internal pentest I was asked to take a closer look at the customer's backup infrastructure. In this blog post I will describe the attack path from domain user...

25.08.2023 · dadevel