Search

Search the blog.

Leaving msfvenom on the jump box: a browser-native workflow
A migration path from team-server shellcode habits to in-browser generation without losing reproducibility or OPSEC discipline.
Bad-character filters: presets are a start, not the contract
How null and alphanumeric presets map to real injection channels, and when you must build a custom bad-char list.
What the hex viewer tells you before you copy shellcode
Using a hex view to catch alignment issues, obvious bad chars, and length mistakes before shellcode hits an exploit script.
Repeatable shellcode runbooks for authorized testing
How to document encoder chains, network parameters, and export formats so retests do not turn into archaeology.
Linux exec vs reverse TCP: pick the payload that matches the primitive
When to use exec-style shellcode versus reverse TCP in authorized labs, and why the flashy option is often the wrong one.
Importing shellcode without corrupting a single byte
Common paste formats, whitespace traps, and how to round-trip external shellcode through a browser builder without silent truncation.
Encoder pipeline order: why your second pass breaks the first
How stacked encoders change size, decoders, and bad-char profiles, plus a sane order for lab iterations before exploit integration.
Client-side shellcode generation: a threat model that is not marketing
What stays local in a browser-native shellcode builder, what still leaks, and how to run authorized tests without polluting your ticket trail.
Null bytes in shellcode still ruin exploits in 2026
Why 0x00 breaks strcpy-style delivery, how nulls sneak into reverse TCP structs, and what to do when your encoder pass lies to you.
Reverse TCP shellcode: the lab checklist I actually use
A practical reverse TCP lab workflow for authorized testing: listener setup, byte checks, and failure modes before you paste shellcode anywhere.