Shellcode
DFIR
A Tale of an MSBuild In-Line Task
This post covers an incident response analysis of a malicious MSBuild in-line task file containing an embedded Cobalt Strike beacon DLL, including the method used to extract and statically analyze the payload.
Binary Exploitation
Handcrafting Linux Shellcode
A tutorial on writing 32-bit Linux shellcode from scratch using NASM assembly, covering execve system call conventions, stack-based string construction, bad character avoidance, and opcode extraction.