Home / Blog

Blog

Technical writeups, exploit development journals, vulnerability analysis, and perspectives from the offensive security trenches.

★ Featured Post

Getting Started: Building This Blog as a Vulnerability Researcher

Welcome to Kulprit Studios. This is where I'll be documenting my journey through exploit development, vulnerability research, and the long road to OSEE certification. Expect raw technical content, lab walkthroughs, and honest takes on the offensive security community.

Feb 2025 5 min read Exploit Dev · Opinion
2025.02.10

Heap Feng Shui: Controlling the Windows Low Fragmentation Heap

A deep dive into LFH internals, bucket allocation strategies, and practical techniques for deterministic heap layout manipulation during exploit development.

Exploit Dev Windows Heap
2025.02.05

WinDbg Survival Guide for EXP-401 Students

Essential WinDbg commands, extensions, and workflows every OSEE candidate should have burned into muscle memory before sitting the 72-hour exam.

OSEE Tools WinDbg
2025.01.28

Return-Oriented Programming in 2025: What Still Works

A practical assessment of ROP chain construction against modern Windows mitigations including CFG, CET, and ACG. Where do we stand?

Exploit Dev ROP Mitigations
2025.01.20

Setting Up a Vuln Research Lab: From Bare Metal to First Crash

A complete walkthrough of building an isolated vulnerability research environment with VMware, snapshot management, and integrated debugging.

Vuln Research Lab Setup Tooling
2025.01.12

Use-After-Free Exploitation: From Dangling Pointer to Code Execution

Walking through the full lifecycle of a UaF vulnerability — root cause analysis, heap grooming, object reclamation, and achieving reliable code execution.

Exploit Dev UaF Heap