CVE-2025-26244 - Stored Cross Site Scripting (XSS) in DeimosC2-v1.1.0-Beta leads to escalation of privileges.

Summary CVE ID: CVE-2025-26244 Vendor: CyberOneSecurity Product: DeimosC2 Affected Version: v1.1.0-Beta Vulnerability Type: Stored Cross-Site Scripti...

Apr 16, 2025 Exploits

Lockpick 4.0 Writeup

Lockpick4.0 is the 4th edition to a series of sherlocks that places you at Forela.org’s Incident Response (IR) team our job is to reverse engineer the malware to find Indicators of Compromise. The...

Sep 10, 2024 Malware-Analysis

Dumping Stealers from it's AutoIT loader

Intro I have analysed two files which I downloaded from Malware Bazaar. These two files dropped AgentTesla. According to malpedia AgentTesla is: “A .NET based information stealer readily availa...

Jun 29, 2024 Malware-Analysis

Manual Mapping Injection

What is Manual Mapping? Manual Mapping injection is one technique for injecting DLL’s into processes. This was very popular in the video game cheating scene. You are essentially emulating what Load...

May 30, 2024 writeups

Old Writeups

Before I created this blog I had a Git Repository dedicated to my writeups here is the link to each writeup. Tryhackme Basic Malware RE - here Malbuster - here HackTheBox Sau - here Vulnhub Devg...

Apr 24, 2024 writeups