https://huskyhacks.io Research notes, labs, and writeups on cybersecurity, malware analysis, and red teaming. Zola en Tue, 24 Mar 2026 00:00:00 +0000 Tue, 24 Mar 2026 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/posts/litellm-cred-stealer/ https://huskyhacks.io/posts/litellm-cred-stealer/ A deep dive into the malicious LiteLLM PyPI release - .pth hijacking, layered base64, hybrid crypto exfil, and a dead drop C2 stub. Sun, 22 Mar 2026 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/posts/measure-twice-agentic-security-detection-evaluation/ https://huskyhacks.io/posts/measure-twice-agentic-security-detection-evaluation/ On applying scientific skepticism and rigor to the measurement of agentic security systems. Tue, 28 May 2024 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/blog/helpfuldesk-walkthrough-nahamcon-2024-ctf/ https://huskyhacks.io/blog/helpfuldesk-walkthrough-nahamcon-2024-ctf/ Walkthrough for the HelpfulDesk web challenge from NahamCon 2024 (easy / easy-plus), inspired by the ConnectWise ScreenConnect auth-bypass class of bugs. Wed, 04 Jan 2023 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/blog/chatgpt-malware-analysis/ https://huskyhacks.io/blog/chatgpt-malware-analysis/ All aboard the hype train! Next stop, JScript Malware Deobfuscation Station! I will waste no time introducing ChatGPT. The technology needs no introduction.… Mon, 12 Sep 2022 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/blog/malware-analysis-labs-internal-network-vs-host-only/ https://huskyhacks.io/blog/malware-analysis-labs-internal-network-vs-host-only/ This is a free and open section for Practical Malware Analysis & Triage. The full 9+ hour course is available on TCM Security Academy for $29.99. The first 5… Sat, 30 Jul 2022 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/posts/on-patching-binaries/ https://huskyhacks.io/posts/on-patching-binaries/ This is a free and open section of Practical Malware Analysis & Triage PMAT , available on TCM Security Academy: Practical Malware Analysis & Triage… Sat, 16 Jul 2022 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/posts/ms-interloper-malicious-msis/ https://huskyhacks.io/posts/ms-interloper-malicious-msis/ I completed an engagement recently where I designed my threat plan around the recent rash of malicious Windows Installer Microsoft Installer, or MSI programs.… Sat, 30 Apr 2022 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/blog/red-team-infrastructure-done-right/ https://huskyhacks.io/blog/red-team-infrastructure-done-right/ Or at least done safely. 5/18/22 Edit: Hey there! I ended up doing a stream with Taggart on this subject . It was a good time. Check it out here:… Sat, 16 Apr 2022 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/posts/com-hijacking-creative-cloud/ https://huskyhacks.io/posts/com-hijacking-creative-cloud/ The deep magics of the Component Object Model continually amaze me. Our subject for today’s note post is COM hijacking Adobe Creative Cloud for userland… Thu, 14 Apr 2022 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/posts/failing-all-the-way-to-token-manipulation-part-1/ https://huskyhacks.io/posts/failing-all-the-way-to-token-manipulation-part-1/ I’ve been on a quest to add SCShell https://github.com/Mr-Un1k0d3r/SCShell functionality to OffensiveNotion https://github.com/mttaggart/OffensiveNotion .… Fri, 08 Apr 2022 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/posts/dll-hijacking-notion-exe/ https://huskyhacks.io/posts/dll-hijacking-notion-exe/ Notion.exe loads quite a few DLLs that are not found in the default install directory of the app itself. It also loads a few that can be outright replaced… Sun, 27 Feb 2022 00:00:00 +0000 Matt Kiely | HuskyHacks https://huskyhacks.io/posts/we-put-a-c2-in-your-notetaking-app-offensivenotion/ https://huskyhacks.io/posts/we-put-a-c2-in-your-notetaking-app-offensivenotion/ Using the Notion developer API as a C2 platform — co-developed with mttaggart.