About
Most content is in English. Use your browser’s translate function for other languages (right-click → Translate page). Spanish-original posts are tagged
lang:es.
SixSixSix
Independent offensive security research.
Focus
- Linux kernel exploitation — softirq-context primitives, backport-gap surface, RDMA/iSCSI/SMB stacks
- EDR / endpoint evasion — patchless AMSI/ETW bypass, ETW provider sidestepping, user-mode → kernel hand-off
- Active Directory — provider-LDAP avoidance, LDAP collection without
wldap32 - Web app & API security — auth-chain composition (low + low = P1), SAML/OAuth/SSO collision patterns
- Mobile — Android intent fuzzing, Pixel system services
Disclosure
Coordination paths:
- Linux kernel —
linux-cve-announce@,security@kernel.org - Android — Google ASR
- Vendor PSIRTs / selected bug bounty programs
- ZDI for paid disclosures where applicable
For security-sensitive disclosures, prefer encrypted channels. PGP key on request via the inbox below.
Contact
PGP key and contact inbox on request via an issue on this repository.
Colophon
Built with Jekyll + the Chirpy theme. Hosted on GitHub Pages.