# A working threat hunting methodology — hypothesis-driven searches, data sources, detection techniques for common MITRE ATT&CK tactics, and KQL/Sigma rules to run in your SIEM.
# A practical introduction to malware analysis — setting up a safe lab, static analysis with strings and PE headers, dynamic sandbox analysis, and what to look for in suspicious binaries.
# The S3 buckets, IMDSv1 endpoints, over-permissive IAM roles, and exposed secrets that lead to full AWS account compromise — and how to find them before attackers do.
# A ground-up walkthrough of stack buffer overflow exploitation — how the stack works, controlling EIP, ret2shellcode, ret2libc, and what modern mitigations actually prevent.
# A complete methodology for testing REST and GraphQL APIs — authentication flaws, BOLA, mass assignment, rate limiting bypass, and the tools to find them fast.
# A red teamer's guide to Linux persistence — cron jobs, systemd units, SSH backdoors, LD_PRELOAD hijacking, PAM modules, and how defenders can find each one.
# How web cache poisoning works, how to find poisonable headers, exploitation techniques from stored XSS to DoS, and how to actually fix it.
# A practical walkthrough of the most common Active Directory attack chains — Kerberoasting, Pass-the-Hash, BloodHound, and lateral movement — with detection notes for defenders.
# CTF writeup detailing a sandbox escape challenge: fixed RWX mmap, fork-before-seccomp, and non-interactive payloads to retrieve the flag.
# CTF writeup detailing a MongoDB NoSQL injection: discovery, exploitation, payloads, and mitigation notes.
# Exploring the intersection of technical investigation, evidence gathering, and cyber situational awareness.
# Introducing our new CVE Viewer feature – explore vulnerabilities in detail and stay informed.
# Why enabling 2FA is smart but not a silver bullet — common bypasses, realistic limits, and practical hardening advice for users and admins.
# A deep, practical, no-nonsense guide to Security Operations Centers (SOC): what they do, how they work, the tech and people that run them, and how to build one that actually reduces risk.
# Announcing the launch of our new forum feature - a place for community discussion and collaboration.
> Thanks for visiting. Stay curious and stay secure.