Home

Articles

Deep dives into offensive techniques, malware internals, and interesting attack surfaces. Most focused on reverse engineering but there will be posts about whatever else catches my attention.
LLM notes cover

A Post About LLMs

Personal notes on how LLMs actually work under the hood — transformers, neurons, weights, biases, training vs inference, and everything in between.

April 28, 2025 · 9 min · 1756 words · david (tomato)
Discord is there, enjoy it

Discord DLL Hijacking

How Discord’s DLL search order can be abused to load attacker-controlled code. Covers DLL basics, cross-compiling from Linux with mingw64, procmon analysis, and dropping a rogue d3d12.dll.

April 28, 2025 · 6 min · 1083 words · david (tomato)

What's Heaven's Gate and how it's used on malwares

Breaking down the Heaven’s Gate technique: WoW64 internals, how Windows handles 32-bit processes on 64-bit systems, and what actually happens at that far jump switching code segments — with live debugging in x32dbg and WinDbg.

January 28, 2025 · 16 min · 3375 words · david (tomato)