Cyber Security
Offensive Security & Exploit Development
Smashing the Stack: A Deep Dive into Buffer Overflows
Deconstruct the anatomy of a stack frame. Learn how uncontrolled memory writes hijack the instruction pointer and grant absolute control over CPU execution.
Bypassing NX: How Return-Oriented Programming (ROP) Works
When the stack is non-executable, attackers don't inject code — they reuse it. A technical deep dive into ROP chains, gadget discovery, and why NX alone isn't enough to stop modern exploits.
Defeating ASLR: Memory Leaks, PLT/GOT, and Ret2Libc Exploitation
When ASLR randomizes library addresses, absolute addresses become useless. Learn how attackers exploit dynamic linking, leak GOT entries, and compute runtime offsets to bypass ASLR and achieve code execution.
ASLR in Practice: Leak Techniques, ROP Chains, and PIE Bypass
A hands-on breakdown of how ASLR actually works and how attackers bypass it. Covers GOT leak via ROP, format string leaks, PIE binary exploitation, and pwntools scripting.
Beyond the Stack: Heap Exploitation and Use-After-Free Vulnerabilities
A technical deep dive into glibc heap internals, tcache poisoning, and Use-After-Free exploitation. Learn how dangling pointers corrupt allocator metadata and lead to arbitrary write primitives.
Raw Sockets: Forging Custom TCP Packets in C
Learn how to bypass the kernel's network stack using raw sockets in C. A byte-level walkthrough of IP and TCP header construction, checksum calculation, and SYN packet crafting.
Inside TLS 1.3: How a Secure Handshake Works
A technical deep dive into the TLS 1.3 handshake: ECDHE key exchange, certificate authentication, HKDF key derivation, and AES-GCM. Includes a C parser for raw TLS records.