Writing a Stager
We build a shellcode stager in C that fetches Apollo over the network in chunks, loads it with NT-layer calls, and executes it. Along the way we get i...
[0xf4de://field-notes]
Latest Posts
Offensive security, C2 infrastructure, shellcode, and lab builds from 0xf4de.
Read entry →
Building the South Park Range with Ludus
Stand up the South Park range on Ludus. AD environment, a Debian redirector, and a Kali C2 box wired together the way a real engagement looks.
Stagers, Agents, and the Chain Between Them
An intro to modern C2 infrastructure. We cover the moving parts of a post-exploitation chain, how stagers and agents fit together, and why the Metaspl...
TeamCity Authentication Bypass Vulnerability - CVE-2024-27198
Learn how to exploit CVE-2024-27198, a critical authentication bypass vulnerability found in JetBrains TeamCity's web component.
Authentik SSO with FastAPI
Set up Authentik as a self-hosted SSO provider and wire it into the FastAPI todo app. We compare Authentik to Keycloak so you can pick the right tool ...
Keycloak SSO with FastAPI
Replace our homegrown JWT auth with Keycloak as a dedicated identity provider. We cover standing up Keycloak with Docker, configuring a realm and clie...
Docker vs Podman: Which One for Your Homelab?
Docker and Podman both run containers, but they have meaningful differences in how they are architected, what permissions they require, and how they b...
Build and Deploy the Todo App with Docker Compose
Package the FastAPI backend and React frontend into Docker containers and wire them together with Docker Compose. We cover SQLite volume mounts, envir...
Building a User Interface for Your To-Do Application
Build the React frontend for our full-stack todo app. We will wire up components, connect to the FastAPI backend, and cover the Web Share API along th...
Todo API Creation with FastAPI
Build a Todo API with FastAPI and SQLite. Step-by-step walkthrough covering database setup with SQLAlchemy, models, routes, and why we make the choice...
Securing FastAPI with OAuth2 and JWT
Add real authentication to the FastAPI todo API using OAuth2 password flow and JWT tokens. We cover password hashing, token issuance, protected routes...
Exploiting PrintNightmare CVE-2021-34527
Learn how to leverage the Print Spooler vulnerability to gain remote code execution and elevate privileges on Windows machines. This blog post provide...