When performing Reverse Engineering or binary analysis, one of the most common questions is: "Can user-controlled data reach a potentially dangerous function?" Let's try...
When performing Reverse Engineering or binary analysis, one of the most common questions is: "Can user-controlled data reach a potentially dangerous function?" Let's try...
Some time ago I wrote a post and a small script to run a brute force attack against FortiGate appliances. (Link to that post you can find here). This time I decided to check if similar bug is present in latest WatchGuard appliance (FireboxV, version 12.12). Below you'll find the details and poc code to test it in your own LAB. Below you'll find more details about it. Here we go...
When you're doing Active Directory pentesting on a tight schedule, running SharpHound manually and then clicking through BloodHound's UI gets old fast. BHADGUI started as a simple wrapper and evolved into something more useful.
Reactor is an 'easy' Linux CTF machine from Season 11 at Hack The Box platform. Few days ago I decided to check it. Below you'll find more details about it. Here we go...