Technology on

Rapid7 Velociraptor Exploit PoC

Wed, 22 Apr 2026 07:07:07 +0100

What is Velociraptor?

Velociraptor is an open-source endpoint monitoring, digital forensic and cyber response platform with plenty of capabilties. Originally developed by Rapid7, it now has over 100 contributors on GitHub. Security professionals with varying levels of access use this Security tool. Given all of the privileges this software has, as an attacker, vulnerabilities in it make it all the more juicy.

Understanding the Vulnerability

CVE-2025-6264

Affected versions before 0.74.3
Affects Windows, MacOS and Linux

To detect unintended privilege escalations in custom artifacts, users should run the artifact verifier as described here: https://docs.velociraptor.app/docs/artifacts/security/#restricting-dangerous-client-artifacts

Setup Windows 11 VM on Arch Linux

Tue, 10 Mar 2026 07:07:07 +0100

Qemu on its own can be a bit scary but don’t worry this is super easy. If you already have Qemu/KVM setup go to Windows Installation Media. Lets jump straight into it:

Qemu/KVM

Just making sure your system can use the software, then installing it :)

Make sure you update your system first!

KVM

https://wiki.archlinux.org/title/KVM

Kernel-based Virtual Machine (KVM) makes hosting virtual machines super easy.

Check for processor support: LC_ALL=C.UTF-8 lscpu | grep Virtualization
- Should return ADM-V or VT-x
- If nothing returns, you can’t use KVM.
Check for necessary kernel modules: zgrep CONFIG_KVM= /proc/config.gz
- Should return either y or m
Make sure the modules are loaded:

$ lsmod | grep kvm

kvm_intel             245760  0
kvmgt                  28672  0
mdev                   20480  2 kvmgt,vfio_mdev
vfio                   32768  3 kvmgt,vfio_mdev,vfio_iommu_type1
kvm                   737280  2 kvmgt,kvm_intel
irqbypass              16384  1 kvm

libvirt

https://wiki.archlinux.org/title/Libvirt#Client

Developing Implants for Chinese Targets

Fri, 09 Jan 2026 07:07:07 +0100

Implant Communication

Typical communications for C2s will be over commonly used ports such as HTTPS, ICMP, or DNS. We can use these common protocols to come up with interesting methods of communication. Another option is to use public platforms and communicate through them. We can use steganography for communication through images, dead drops with something like Pastebin, or encoded YouTube comments. With mainland China targets, we run into many more roadblocks.

Monero Node on A Raspi5

Thu, 06 Feb 2025 07:07:07 +0100

DietPi

The locales and keyboard setting are not set to en_US.UTF-8
- Make this change and select the correct keyboard layout
Once connected to the internet DietPi will update

Install the packages you want for general use

sudo apt install vim ufw fail2ban unattended-upgrades tor

Configure External SSD for the blockchain

sudo fdisk -l # identify your drive sudo mkfs.ext4 /dev/sdX # replace X with your drive letter sudo mkdir /mnt/blockchain sudo mount /dev/sdX /mnt/blockchain

Setting Up a Site With Hugo

Sat, 14 Sep 2024 07:07:07 +0100

Intro

You don’t need to read this part really :3 Just me blabing. I wrote this as I installed and setup Hugo for the first time and documented issues I had along the way. Despite it being documentation for myself, this can also be used as a guide! I decided to use Hugo because I wanted to create a blog section for my website. I tried using Jekyll but I’m not a fan of Ruby. Also, Jekyll and its documentation felt dated compared to Hugo; which is written in Go. Being a fan of Rust I also looked at Zola; However Hugo felt like a better fit. At the end there is an install script.

Self Host Your Website without Opening Ports

Sat, 09 Mar 2024 07:07:07 +0100

This post is a follow along to a Youtube video walk-through that I recorded. We will be setting up a home server to host a web application without opening any ports on my home network. To accomplish this I’ll be using a Cloudflare tunnel.

[!note] The $ denotes a terminal command. Anything before $ denotes the current working directory.

0. Prerequisites

Remote Server
Cloudflare Account
Reliable Internet Connection

[!warning] A little disclaimer: I am not a professional; just a student. Do your own research but this should help you get up and running. For the most part I am just following Cloudflare and other documentation. I highly recommend you read through official documentation as needed.

Windows Kernel Exploitation

Fri, 16 Feb 2024 07:07:07 +0100

This journey was a project I worked on between classes before deciding to make it my final project for my Security 2 class. This will start by diving into Windows internals then reverse engineering and finally exploiting. However, as it stands right now the exploit just results in bluescreening the target machine. I will continue learning with this project in the future as it has already been a great learning adventure.

Operating System Build

Thu, 28 Sep 2023 07:07:07 +0100

Setup

Using Windows Subsystem for Linux (Debian)

Install list
- gcc
- build-essential
- bison
- flex
- libgmp3-dev
- libmpc-dev
- libmpfr-dev
- texinfo
Cross-Compiler
- git clone https://github.com/lordmilko/i686-elf-tools
- cd i686-elf-tools
- ./i686-elf-tools.sh linux

Using Manjaro VM

Dependencies
- GCC (existing release you wish to replace), or another system C compiler
- G++ (if building a version of GCC >= 4.8.0), or another system C++ compiler
- Make
- Bison
- Flex
- GMP
- MPFR
- MPC
Download gcc and bin-utils to src and make them

Booting the Operating System

The bootloader, such as GRUB, used to start/load the operating system.
The operating system needs to handle when the bootloader passes control to it.
The kernel is passed a very minimal environment where the stack is not yet setup.
Because there is no stack yet, we must make sure global variables are set correctly.
- This is done in assembly

Bootstrap Assembly

i686-linux-gnu-as boot.s -o boot.o