Skip to content

Offensive Low-Level Knowledge Base

A technique-per-atom knowledge base in the spirit of ired.team — but aimed at the low level: architecture/microarchitecture, Linux kernel internals & exploitation, hypervisor/virtualization, side-channel & transient execution, mitigations, and exploitation primitives.

What is an atom?

An atom is one technique — not a term. Every entry answers three things together: what it is, why it works (the invariant), and how to do it (step by step, with commands and expected output).

Categories

  • :material-chip: Architecture / Microarch — caches, predictors, MMU, buses
  • :material-penguin: Linux Kernel — internals & exploitation
  • :material-server-network: Hypervisor / Virtualization — VMX, EPT, escapes
  • :material-timer-outline: Side-Channel / Transient — Flush+Reload, Spectre-class
  • :material-shield-lock: Mitigations & Bypasses — KPTI, SMEP/SMAP, CFI
  • :material-puzzle: Exploitation Primitives — UAF→R/W, ret2*, sprays

Use the search (top bar) for full-text lookup, or the category tabs to browse.

How it's built

Each technique is two files that share a slug:

  • docs/<category>/<slug>.md — the note (this page set)
  • meta/<category>/<slug>.yaml — structured metadata (prereqs, see-also, sources)

See schema.md in the repo root for the full contract. check.py validates the corpus; build_nav.py regenerates the navigation.

Scope & intent

Content is technical and neutral, intended for authorized security research, CTFs, defensive engineering, and education. Techniques are described to understand and defend against them.