Technical

Pi-hole's pihole user is low-privileged. It's configured with nologin. It looks contained. It isn't. Here's how a writable file and a trusting root process combine into a clean privilege escalation path.

fallback image

CVE-2026-33727 – When “Low Privilege” Isn’t Low Enough: A Pi-hole LPE Story

Pi-hole's pihole user is low-privileged. It's configured with nologin. It looks contained. It isn't. Here's how a writable file and…
Dimly lit computer in a dark room, evoking hidden threats and reduced visibility.

Why So Syscalls? BOF Edition

Ibai Castells explains how moving from high level Windows APIs to lower level syscall usage alters what EDRs observe. It…
Classic vs Passthrough path to choose

Cobalt Strike External C2 Passthrough Guide

Cobalt Strike’s passthrough mode reshapes how red teams use External C2. By taking control of shellcode staging and custom channels,…