When Passwordless Falls Back: Offensive Techniques Against Passkeys
INTRODUCTION A passkey is a cryptographic authentication credential that replaces passwords using public-key cryptography. More concretely: A passkey consists of a public–private […]
The Anatomy of a Beacon Object File: From COFF Compilation to In-Memory Execution
The Anatomy of a Beacon Object File: From COFF Compilation to In-Memory Execution Introduction In modern red team operations, stealth is not […]
Kerberos Demystified: How It Works, Why It Matters, and How to Defend Against Attacks
Kerberos Demystified: How It Works, Why It Matters, and How to Defend Against Attacks What is Kerberos? Kerberos is like a digital […]
Breaking Jenkins to Build It Better: A Beginner’s Guide to Jenkins Security Fundamentals
Breaking Jenkins to Build It Better: A Beginner’s Guide to Jenkins Security Fundamentals So, you’ve heard a little about CI/CD pipelines and […]
Never let your Kube(let) down
Never let your Kube(let) down OVERVIEW Kubernetes a.k.a K8s is one of the most widely used container orchestration platforms. At its core, […]
Breaking Free: Docker, Development, and Breakout
Breaking Free: Docker, Development, and Breakout OVERVIEW Containers have been used for more than two decades now with Docker being one of […]







































