-
Living on the Edge: How I Ditched WordPress for a Fully Static Site on Cloudflare's Global Network
I moved my blog from a managed WordPress host to a fully static site built with Astro, KeyStatic, and Jekyll, deployed on Cloudflare Pages. Here's why going static and serving from 330+ edge locations beats a traditional CMS and costs nothing.
read more → -
Domain Fronting is Dead. Long Live Domain Fronting!
We discovered that domain fronting still works against Google's infrastructure, enabling covert C2 traffic through services like Google Meet, YouTube, and GCP. This research demonstrates how attackers can tunnel traffic through domains too critical for organizations to block.
read more → -
Beyond the Last Mile: How Internet Routing Shapes Red Team Ops
Understanding how internet routing infrastructure impacts red team operations, particularly for traffic tunneling and data exfiltration. Exploring why routing paths, international transit, and peering relationships often matter more than raw connection speeds.
read more → -
Analyzing a Modern Linux Kernel Vulnerability (CVE-2023-0266)
Deep dive into CVE-2023-0266, a race condition vulnerability in the Linux kernel sound subsystem that was exploited in-the-wild against Android devices. Exploring the technical details of how 32-bit/64-bit compatibility layers introduced a use-after-free condition.
read more →