Work Experience Elite Technical Support Engineer (III) @ Tenable July 2025 - Present Lead vulnerability management efforts for strategic enterprise environments, supporting complex Tenable deplo...

This web application is vulnerable to CVE-2024-4367, a result of containing a vulnerable version of the PDF.js library. https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in...

Background In recent times, Google Ads has become a prime target for phishing attacks. Threat actors are leveraging the platform’s credibility to deceive users and gain unauthorized access to sensi...

Introduction This phishing campaign has been by far one of the more reactive ones I’ve personally run into. I even managed a few words out of the admin before he grew bored of me : ( There is a lo...

Intro Received an email from no-reply@je-suis-licencie.info, with a basic invoice phishing content in German. Initial Infection This malware came disguised as a zip folder. Rechnung_BTKR24_0008703...

Intro This malware came from a spam email received from: no-reply@clarinetthai.com The email was written in German, however the code is using a Russian IP Initial Infection This malware came disg...

Update 7/25 We now get the following when visiting all domains mentioned: <html><body><h1>503 Service Unavailable</h1> No server is available to handle this request. </...

Intro We know we have to find 6 flags, lets see where we can get them from. Enumeration I started off with a simple nmap scan using the --top-ports flag, I like this as it is pretty good at findin...

Intro This box askes us to find a root flag, not much else in regards to direction or hints. Let’s start with Enumeration rustscan -a 10.10.40.22 I like using rustscan initally as it is fast and ...

Intro This box askes us to find a user and root flag, not much else in regards to direction or hints. Let’s start with Enumeration rustscan -a 10.10.2.80 I like using rustscan initally as it is f...