Few days ago I had a pleasure to check one of the Hack The Box 'Season 6' machine called Instant. Few details about it you will find below. Here we go...
wtorek, 22 października 2024
środa, 9 października 2024
Waiting for The Hack Summit 2024
During last years I had a pleasure to present few of my notes and ideas during The Hack Summit conference in Poland. This year I'll try to present few words about a new topic - more related to Ghidra. So just as a quick summary for previous years - below you'll find a 'current timeline'. ;) Here we go...
środa, 11 września 2024
Join Mnemonic - UD2
Below you'll find few notes about one simple RE challenge I found on Hack The Box. Here we go...
wtorek, 30 lipca 2024
Automating Network Pentests with Metasploit and Ruby
This time we'll continue the journey started in previous post to create a small 'semi-automated' tool to perform some 'basic' network pentests. For this case we'll focus (mostly;)) on CVE-2021-20039 for SonicWall SMA. Here we go...
środa, 24 lipca 2024
Reading Nmap Log In Ruby
From time to time during pentests we're using nmap to scan the target host(s). Today we'll try to read nmap's log using Ruby. Below you'll find few details about it. Here we go...
niedziela, 21 kwietnia 2024
Few notes from CTF@CIT
wtorek, 16 kwietnia 2024
Postauth SQLi in Centreon 23.10-1.el8
Similar to previous notes about hunting bugs in Centreon few weeks ago I prepared a new lab to test 'current/latest' version of this webapp. Below you'll find the details. Here we go...
poniedziałek, 8 stycznia 2024
Postauth SQLi in AdvantechWeb/SCADA 9.1.5U
During some internal pentests performed few weeks ago I found an SQL injection (postauth) bug in "latest" AdvantechWeb/SCADA (9.1.5U). Below you'll find more details about it. Here we go...
sobota, 6 stycznia 2024
Healthy PostAuth RCE in FortiADC 7.4.0
Subskrybuj:
Posty (Atom)