2 posts published by rsmudge during September 2025| Adversary Fan Fiction Writers Guild
“An individual working in one of our facilities accidentally downloaded a malicious file that they thought was legitimate. We have no reason to believe this was anything but an honest mistake.” …| Adversary Fan Fiction Writers Guild
1 post published by rsmudge during March 2025| Adversary Fan Fiction Writers Guild
I have a personal interest in incidents of vendor disparagement and attacks on security researchers (and their security research). It’s in this context I need to address Elastic’s July 2025 blog post: ‘Taking SHELLTER: a commercial evasion framework abused in-the-wild.’ I see this as a vendor fearmongering exercise. Elastic has motivated why SHELLTER is a … Continue reading Taking them to the SHITTER: an analysis of vendor abuse of security research in-the-wild| Adversary Fan Fiction Writers Guild
Today, I’m releasing another update to the various Tradecraft Garden projects. This update is a dose of Future C2 and some cool updates to the Crystal Palace tech. Here’s the latest: Code Mutation and More… This release adds a Binary Transformation Framework (BTF) to Crystal Palace. The BTF is the ability to disassemble programs, modify … Continue reading Tradecraft Garden: Tilling the Soil| Adversary Fan Fiction Writers Guild
When I was active in the red teaming space, one of my stated goals was to act on problems with solutions that would have utility 5-10 years from the time of their release. This long-term thinking was my super-power. One of the lasting fruits of my approach is Beacon Object Files. Five years ago, today … Continue reading Beacon Object Files – Five Years On…| Adversary Fan Fiction Writers Guild
Last year, I sat down to explore exception handlers and page permissions for masking payloads in memory. The POC was easy. I hit trouble building it into a position-independent DLL loader. I needed global variables and a means to package multiple resources together. Basic things were just too hard. I realized, wow, these are fundamental … Continue reading Planting a Tradecraft Garden| Adversary Fan Fiction Writers Guild
This video walks through a history of Cobalt Strike's use of PowerShell, Reflective DLLs, .NET, and Beacon Object Files. The discussion ends with a preview of some ideas I expect to act on and socialize next.| Adversary Fan Fiction Writers Guild
Is Offensive Security just security testing? No. Offensive security is a way of thinking about the current security context, predicting what’s next, exploring those hypotheses, and adding to the se…| Adversary Fan Fiction Writers Guild
Ignorantia Invinciblis| Adversary Fan Fiction Writers Guild
I’m back with another update to the Tradecraft Garden project. Again, this release is focused on the Crystal Palace linker. My priority in this young project is to build the foundation first, then …| Adversary Fan Fiction Writers Guild