Tutorials
Hands-on tutorials covering system administration, security hardening, and infrastructure automation.
Structured series that build skills progressively.
A progressive path from CPU registers to remote exploitation, covering stack overflows, ROP chains, NX and ASLR bypasses on x86 and x64 Linux.
Exploit development on Windows — from classic stack overflows through SEH hijacking to egghunter techniques using Immunity Debugger and mona.py.
Build an embedded security lab with Buildroot and QEMU, audit the attack surface of minimal Linux images, and reverse-engineer real firmware.
Apply machine learning to security operations — from local RAG pipelines and anomaly detection to ROP gadget classification with XGBoost.
A progressive path from LLM fundamentals through prompt injection, jailbreaking, and agentic exploitation to structured red teaming methodology for production AI systems.
Feb 27, 2026
beginnerUnderstand how large language models process text through tokenization, manage context windows, and where these mechanics create exploitable attack surface for red teamers.
Read the tutorialFeb 20, 2026
intermediateBuild a web app that exposes tools to AI agents via WebMCP, then demonstrate four attack classes: tool poisoning, schema mismatch, response injection, and cross-tool exfiltration.
Read the tutorialJan 30, 2026
advancedExploit four container escape techniques — privileged mounts, Docker socket abuse, namespace escapes, and cgroup release_agent — then harden against each one.
Read the tutorialJan 15, 2026
advancedBuild a machine learning classifier that predicts whether a ROP gadget is useful for exploit chains, using features extracted from x64 disassembly and XGBoost.
Read the tutorialJan 9, 2026
intermediateBuild a stripped embedded Linux image with Buildroot, then systematically audit it: open ports, exposed syscalls, suid binaries, kernel modules, and writable paths — then harden it and measure the difference.
Read the tutorialJan 8, 2026
advancedExtract firmware from an IoT device update file, unpack the filesystem, identify interesting binaries, and reverse engineer them in Ghidra to find real vulnerabilities.
Read the tutorialDec 18, 2025
intermediateSet up a complete embedded Linux development environment: build a custom ARM image with Buildroot, boot it in QEMU, and remotely debug binaries with GDB — no hardware required.
Read the tutorialDec 11, 2025
intermediateBuild a lightweight anomaly detection pipeline that flags suspicious Linux sessions using auditd logs, feature engineering, and scikit-learn — no GPU required.
Read the tutorialDec 4, 2025
intermediateA hands-on guide to building a retrieval-augmented generation pipeline that runs entirely on your machine, using security advisories as the knowledge base.
Read the tutorialNov 20, 2025
beginnerA step-by-step guide to writing custom Wazuh decoders and rules, from reading a raw syslog line to triggering an alert.
Read the tutorialNov 13, 2025
intermediateStep-by-step recovery for a Pop!_OS kernel panic after an interrupted update.
Read the tutorialNov 6, 2025
advancedUse egghunter shellcode to locate and execute a larger payload when buffer space is limited.
Read the tutorialOct 30, 2025
advancedExploit Structured Exception Handler (SEH) overflows on Windows, bypassing SafeSEH protections to achieve code execution.
Read the tutorialOct 23, 2025
intermediateExploit a classic stack buffer overflow on Windows, from crash discovery to shellcode execution using Immunity Debugger and mona.py.
Read the tutorialOct 16, 2025
advancedExploit a remote x86 Linux service by leaking addresses to bypass PIE, splitting shellcode across discontinuous buffers, and reusing the existing socket to evade firewall rules.
Read the tutorialOct 9, 2025
advancedDefeat Address Space Layout Randomization by leveraging fixed addresses in the binary when PIE is disabled.
Read the tutorialOct 2, 2025
advancedUse Return-Oriented Programming to call mprotect() and make stack memory executable, then jump to shellcode on x64 Linux.
Read the tutorialSep 25, 2025
advancedUse Return-Oriented Programming to bypass NX protection on 64-bit Linux, chaining gadgets to call system() with /bin/sh.
Read the tutorialSep 18, 2025
intermediateA practical reference for finding, filtering, and verifying ROP gadgets using ropper, ROPgadget, and GDB-PEDA. Covers common workflows, advanced filtering, and chaining strategies.
Read the tutorialSep 11, 2025
intermediateExploit stack buffer overflows on 64-bit Linux systems, understanding the differences from x86 including register usage and address handling.
Read the tutorialSep 4, 2025
intermediateBypass NX protection by returning to libc functions instead of executing shellcode on the stack. Learn to leak addresses and chain function calls.
Read the tutorialAug 28, 2025
beginnerLearn how to exploit a basic stack buffer overflow to redirect execution to a hidden function in a SUID binary and gain elevated privileges.
Read the tutorialAug 21, 2025
intermediateA comprehensive guide to exploiting stack buffer overflows on 32-bit Linux systems, from vulnerability discovery to shellcode execution.
Read the tutorialAug 14, 2025
intermediateHow Linux syscalls work at the instruction level — int 0x80 vs syscall, register setup, and the key syscalls used in shellcode and ROP chains.
Read the tutorialAug 8, 2025
beginnerHow the stack works in x86 and x64 Linux — process memory layout, push and pop mechanics, function prologues and epilogues, and why buffer overflows can overwrite the return address.
Read the tutorialAug 7, 2025
beginnerA practical guide to CPU registers, partial register access, flags, and how function arguments are passed on x86 and x64 Linux.
Read the tutorialJan 15, 2024
advancedA comprehensive guide to installing Arch Linux with full disk encryption, secure boot, and hardened security configuration.
Read the tutorial