Alok's Blog: Offensive Security Insights

The Digital Notebook 📚

My collection of deep-dive articles, vulnerability research analyses, and notes on Red Teaming methodologies.

Exploit Development Oct 29, 2025

From Lure to Shell: Reproducing APT37’s CHM Exploitation Tactics

In this post, we explore how APT37 (Reaper), a North Korea-linked APT group, has weaponized CHM files in recent campaigns. More importantly, we demonstrate a red team simulation of this attack vector: using a CHM file that delivers a reverse shell under the guise of accessing financial data

Read Article

Exploit Development Oct 27, 2025

SLmail 5.5 POP3 PASS Buffer Overflow — Exploit development

Buffer Overflow Exploit Development for SLmail 5.5

Read Article

Web App Oct 27, 2025

Hello World! Welcome to the Blog!

This is just a quick test run to make sure the site mechanics—the posting, the formatting, the subscribe feature, and the overall deployment—are all working fine on the new setup.

Read Article