Explore the unconventional use of Scratch programming language for network exploitation in this 52-minute conference talk from 44CON 2018. Discover how Kev Sheldrake leverages experimental HTTP extensions in Scratch v2 to implement TCP/IP functions, enabling fuzzing and exploitation of vulnerable network services. Learn about the process of creating custom blocks linked to Python functions, overcoming sandbox limitations, and developing proof-of-concept exploits for various vulnerabilities. Gain insights into the intricacies of the Scratch extension API, its limitations, and how to combine simple concepts to create functional exploits. Witness live demonstrations of exploiting stack smash and format string vulnerabilities in echo servers, and understand how this approach can make exploit development accessible to those with basic Scratch programming skills.