/tags/belphc2/ Recent content in BelphC2 on Vanilla InfoSec Hugo -- gohugo.io en Wed, 13 May 2026 00:00:00 +0000 /posts/belphc2---jitter-logic-and-chaos-theory/ Wed, 13 May 2026 00:00:00 +0000 /posts/belphc2---jitter-logic-and-chaos-theory/ BelphC2 - Jitter Logic and Chaos Theory Disclaimer Is this necessary? Probably not… Do I find this cool and do I want to blab about it? Yes! Introduction to Jittering While developing BelphC2’s polling behavior, I had to decide how to generate seemingly random jittering values. Most post exploitation frameworks implement some form of a jitter. The term “jitter” refers to how a post exploitation framework’s beacon/implant manages its communication or ‘polling’ intervals. /posts/belphc2---dumping-passwords-out-of-web-browsers/ Sun, 01 Mar 2026 00:00:00 +0000 /posts/belphc2---dumping-passwords-out-of-web-browsers/ Save password..? Yes It feels like web browsers have accidentally become credential vaults? Mainly because… Well we typically hit “save password” when prompted: Admittedly, without much prior thought! Credentials for: Email accounts. Banking logins. Corporate VPN credentials. Cloud dashboards. Developer secrets. Session tokens. But there’s an important detail here in regards to how these browsers secure credentials in default configurations: Browser password managers are often designed to protect data at rest, not necessarily protect data from the logged-in user context itself.