// intelligence_feed · writeups · research
Archive.
8 entries indexed
06 mai 2026
Wi-Fi hacking, every protocol, every attack
The complete methodology for auditing wireless networks. From WEP to WPA3, from WPS bruteforce to PMKID capture, from deauth to evil twin. Every protocol, every attack vector, every terminal output. The guide I wish existed when I started.
05 mai 2026
ADB over internet, root access for everyone
Android Debug Bridge is a powerful developer tool. When left exposed on the internet, it becomes a root shell with zero authentication. This is the complete methodology: from recon to post-exploitation, and everything people forget to check.
05 mai 2026
Red-team an LLM, avoid false positives
garak is the tool for scanning LLM vulnerabilities. Although the technique seems simple, it's not straightforward to use without drowning in noise. This article is a writeup of my deep dive into the project's internals.
11 févr. 2026
CVE-2024-29643: When a Single Header Breaks Everything
How a simple Host header manipulation poisoned Croogo's RSS feed and opened the door to phishing and domain spoofing.
06 févr. 2026
CVE-2026-25050: How a 300ms Difference Unmasked Vendure Users
A deep dive into a timing attack vulnerability I discovered in Vendure's NativeAuthenticationStrategy.
06 sept. 2025
Deep Dive: Kerberoasting Attacks
Understanding the mechanics of Kerberos tickets and how attackers crack service account passwords offline.
23 août 2025
Blue Teamer
Une collection massive de 60+ outils et ressources pour la défense, le monitoring et la réponse aux incidents (Blue Teaming).
22 août 2025
Red Teamer: Offensive Methodologies
Analyse des techniques d'intrusion et de post-exploitation en environnement sécurisé.