The Armored Code

A blog talking about offensive and defensive security and how to craft software in a secure way

Featured

All Stories

A tale of a restricted charset shellcode generation

A tale of a restricted charset shellcode generation

During my OSCE exam preparation I had to deal with shellcode writing experience where very few allower characters were available.

thesp0nge
19 Apr 2019

Create your own telemetry system

Create your own telemetry system

In order to monitor dawnscanner security scaner usage, I introduced in upcoming version 2.0.0, a telemetry system.

thesp0nge
17 Apr 2019

How an excercise eventually becomes my first public exploit

How an excercise eventually becomes my first public exploit

A couple of days ago, I was working on my exploit-writing routine as preparation for my upcoming OSCE examination.

thesp0nge
26 Mar 2019

Backflip into the stack

Backflip into the stack

During my OSCE journey I came across an interesting technique to jump backwards into the very beginning of the buffer injected on the vulnerable process.

thesp0nge
19 Mar 2019

A closer look to msf-egghunter

A closer look to msf-egghunter

The egghunting is a technique used in exploit writing to deal with evil shellcode to be placed in a memory location different from the one we are redirected via EIP...

thesp0nge
22 Feb 2019

Digging into Vulnserver: fuzzing it

Digging into Vulnserver: fuzzing it

Vulnserver is a Win32 application built to simulate a TCP/IP server listening on port 9999 and accepting commands from unauthenticated clients.

thesp0nge
15 Feb 2019

Never miss a story from us, subscribe to our newsletter

Explore →

Osce (3) Tools (1) Offensive (1) Armoredbasics (1) Getting-root (1) Vulnserver (1)