home

# recent gists - ops/[filespoof_memfd.gdb](https://gist.github.com/zimnyaa/9cb8492456404648ab166bb13b9908e0) - ops/[ESC4-to-ESC3](https://gist.github.com/zimnyaa/f356d65fed47ad721c4078b07c2617dc) - execution/[caveman-bof](https://gist.github.com/zimnyaa/c5a06a774255ca087d1453c681a671aa) - execution/[rwxscan](https://gist.github.com/zimnyaa/a80063d723bc9f894322ed37bf304b73) - ops/[sliverbof.py](https://gist.github.com/zimnyaa/4b5ceb41ced9919216698fae6dd7e992) - network/[cisco-beacon](https://gist.github.com/zimnyaa/d6b1878d271a8e059ff3ff33619e0055) - execution/[SW2_trampolines](https://gist.github.com/zimnyaa/1c108d9bade520023356439618ecba4e) - ops/[sliver-redir](https://gist.github.com/zimnyaa/21402f7be4e9f6e36b06e3e908c95678) & ops/[check-sliver](https://gist.github.com/zimnyaa/7ea35c5c266c99f08063f431be4e5ffc) - active-directory/[pywsus-dhcpv6](https://gist.github.com/zimnyaa/bc5e50a24f7110f2bc09f5439e9551aa) # recent posts execution/[[bash-powerup]] *04/26* ops/[[sambadc]] *12/25* ops/[[simple-mikrotik-beacon]] *07/25* execution/[[byovm]] *05/25* ops/[[pamsh]] *02/25* ops/[[nginx-ptrace-configspoof]] *11/24* ops/[[remotechrome]] *08/24* ops/[[pidfd-getfd-shell]] *06/24* ops/[[freeipa-postexploitation]] *03/24* (very small update on *09/25*) ops/[[sliver-forward-pivoting]] *12/23* execution/[[golang-winmaldev-basics]] *06/23* (updated *11/23*) ops/[[grpcssh]] *09/23* execution/[[caveman-bofs]] *07/23* opsec/[[nimplant-first-look]] *07/23* execution/[[replacing-memfd-with-fuse]] *04/23* ops/[[simple-opnsense-beacon]] *03/23* ops/[[simple-cisco-beacon]] *03/23* execution/[[python-inmemory-bof]] *01/23* execution/[[insomnia]] *12/22* initial-access/[[ritm-windows-desktop-auth]] *12/22* ops/[[imapbox-elastic]] *10/22* execution/[[phase-dive-sleep-obfuscation]] *10/22* appsec/[[java-injection-slides]] *09/22* appsec/[[secret-management-slides]] *09/22* initial-access/[[antisandbox-smuggling]] 07/22 execution/[[linux-evasion-primitives]] *06/22* opsec/[[nowatch-prealpha-release]] *04/22* appsec/[[ai-scanners]] *04/22* execution/[[bof-lazy-loading]] *04/22* ops/[[active-directory-gists]] *04/22* initial-access/[[exchange-peas]] *04/22* opsec/[[named-pipe-pivoting-opsec]] *02/22* opsec/[[sliver-opsec-notes]] *02/22* (screwed that one up a bit, updated) initial-access/[[xll-delivery]] *02/22* execution/[[nim-fibers]] *01/22* execution/[[nim-noload-dll-hollowing]] *01/22* execution/[[pyd-execute-assembly]] [updated] *01/22* initial-access/[[simple-iso-lnk]] [updated] *12/21* initial-access/[[practical-usb-keystroke-injection]] *12/21* **[github link](https://github.com/zimnyaa)** # about I'm a Ukrainian red team operator currently employed at [Tenendo](https://tenendo.com). Due to the war currently going on in my country, I have less time to spend on this blog. After we win, I hope I'll resume actively posting.