Blog

CVE-2021-40444 PoC Demonstration

Introduction This week, a new zero-day vulnerability was disclosed affecting Microsoft Office applications. CVE-2021-40444 made waves throughout the cybersecurity industry for its ability to perform remote code execution on Windows operating systems with minimal interaction from the user. By simply opening a specially crafted Microsoft Office document, remote code execution could be obtained. Within a … Continue reading CVE-2021-40444 PoC Demonstration

Spoofing an Android Phone to Exploit the Razer Local Privilege Escalation Vulnerability

Intro Last Sunday, on a particularly lazy afternoon, I came across a Tweet that caught my attention. It was a demonstration of a local privilege escalation vulnerability that is possible when plugging in a Razer device to any Windows machine. The TL;DR of this vulnerability is that Windows identifies the drivers and software required for … Continue reading Spoofing an Android Phone to Exploit the Razer Local Privilege Escalation Vulnerability

eLearnSecurity Web Application Penetration Tester (eWPT) Review

I finished the Web Application Penetration Tester course from eLearnSecurity a couple months ago. This was a long time coming, and I had delayed studying for this course for quite some time but finally got around to finishing it off before I completely forgot about it’s existence. I haven’t posted a course review in a … Continue reading eLearnSecurity Web Application Penetration Tester (eWPT) Review

How To Pass the OSCP – a Beginner Friendly Guide

I wanted to make this post detailing everything I did when studying for the OSCP examination. I made a lot of mistakes along the way, and my path was far from the most efficient or effective method for studying toward the OSCP. Nevertheless, I did learn something from every resource listed here and I strongly … Continue reading How To Pass the OSCP – a Beginner Friendly Guide

eLearnSecurity Junior Penetration Tester (eJPT) – Course Review

I recently completed the Junior Penetration Tester certification, provided by eLearnSecurity. There are a number of reasons as to why I did this, but the main one is that I was felt myself losing motivation. Work and general life has been extremely busy for me lately, and I have struggled to find the time or energy … Continue reading eLearnSecurity Junior Penetration Tester (eJPT) – Course Review