Building a Low-Level ICMP Sniffer in x64 Assembly (Raw Sockets)

Sniffing with Scapy or C is easy, but true control lies in the CPU cycles. Learn how to build a raw socket sniffer from scratch in x64 Assembly, bypassing libc for pure kernel interaction.

March 27, 2026 · JM00NJ

eBPF: Safe Kernel Programmability with XDP, Kprobes & Observability

Traditional kernel modules are risky. eBPF provides a safe, high-speed ‘superpower’ for the Linux Kernel. Learn how XDP and kprobes revolutionize networking and tracing.

March 27, 2026 · JM00NJ

ICMP Encapsulation: Bypassing DPI with Nested ICMP Type 3 Structures

Firewalls allow ICMP, but do they parse nested structures? Discover how to encapsulate protocols within ICMP Type 3 error messages to evaluate DPI resilience.

March 27, 2026 · JM00NJ

Invisible Exfiltration: Bypassing IDS/IPS with ICMP and RDTSC

True stealth is about blending into the noise. Discover how to use hardware-level timing, protocol mimicry, and jitter to make C2 traffic indistinguishable from legitimate activity.

March 27, 2026 · JM00NJ

Linux Process Evasion: ptrace & prctl

Stop analysts in their tracks. Learn how to leverage the PTRACE_TRACEME ptrace request and the PR_SET_DUMPABLE prctl option to harden your agents against debuggers and memory acquisition.

March 27, 2026 · JM00NJ