Below you will find few 'mini articles':
(...)
- 15.07.2020 - Grounding drones - Tello DJI
- 08.07.2020 - Stack overflow for beginners - basic ARM
- 01.07.2020 - Using GEF for bug exploitation
- 23.06.2020 - WooPer - for Wordpress enumeration
- 21.06.2020 - Reading malware - MS Office Macros
- 14.06.2020 - Reversing Drones - mission planning
- 12.06.2020 - Reversing Drones - quick intro
- 25.05.2020 - Preloading Linux binaries
- 19.05.2020 - Reading malware - unpacking ASPack 2.12
- 18.05.2020 - Reading malware - old DDoS Perl Bot
- 17.05.2020 - Reading malware - 8UsA.sh
- 15.05.2020 - Cracking .NET - Anti-Reflector crackme
- 01.05.2020 - Reading malware - orbitclient.x86
- 01.05.2020 - Reading malware - yakuza.x86
- 01.05.2020 - Reading malware - SNOOPY
- 01.05.2020 - CrackMe for Beginners
- 21.04.2020 - Quick malware analysis
- 20.04.2020 - No python, no problem
- 09.04.2020 - Creating evil module for PrestaShop
- 06.04.2020 - ...and now we are free
- 29.03.2020 - Pentesting Zen Load Balancer - quick tutorial
- 27.03.2020 - Creating poc for preauth Symantec Web Gateway RCE
- 19.03.2020 - Creating poc for NagiosXI 0day
- 07.03.2020 - Playing games with Games
- 20.02.2020 - Bug bounty scam program
- 15.02.2020 - Exploiting Dolibarr 11
- 14.02.2020 - Escaping from the Fort - quick CVE-2017-14187 autopsy
- 10.02.2020 - Trying harder... - few notes about OSCP
- 31.01.2020 - From 0 to 0day - manual approach
- 26.01.2020 - Stack overflows for beginners - part 2 (x64)
- 10.01.2019 - Shared Windows - quick pentest notes
- 28.12.2019 - Testing SSRF in LiquiFireOS
- 27.12.2019 - Testing Android apps - mini lab
- 29.11.2019 - From 0 to 0day
- 20.11.2019 - Reading spam for a breakfast
- 16.11.2019 - Quick memory review - extracting secrets from Hikivision iVMS-4200
- 09.11.2019 - Sysinternals - quick review for Windows 10
- 05.11.2019 - Fool-AV-riend - Windows 10
- 27.10.2019 - Responding to Windows 10
- 07.10.2019 - Testing Damn Vulnerable NodeJS Application
- 12.08.2019 - Creating evil module for Wordpress
- 19.06.2019 - Basic protocol fuzzing
- 17.06.2019 - Unquoted path for CA Agents
- 09.06.2019 - Few more quick tests
- 31.05.2019 - Lazy Enlil
- 18.05.2019 - Reading Kibana
- 25.03.2019 - Creating evil module for Drupal
- 19.03.2019 - DLL Injection - part 2
- 23.02.2019 - Reading ActiveMQ
- 17.02.2019 - Go, RabbitMQ, go!
- 10.02.2019 - RCE in Enterprise VA MAX
- 31.01.2019 - RCE in Zen Load Balancer
- 29.01.2019 - RCE in Artica
- 28.01.2019 - Reading TrendMicro OfficeScan
- 16.01.2019 - Exploiting BlazeDVD
- 15.01.2019 - Exploiting VUPlayer
- 31.12.2018 - Reading firmware - Foscam
- 24.12.2018 - Reading firmware - Fortigate VM
- 24.12.2018 - Pentesting AD - we the user
- 02.12.2018 - Pentesting AD - Preparing Environment
- 22.11.2018 - Learning routers - part 2
- 21.10.2018 - Misconfigured Redis
- 04.10.2018 - OpenLDAP - from XSS to RCE
- 19.09.2018 - Cracking .NET apps
- 15.09.2018 - Few cracking notes
- 08.09.2018 - DLL Injection - part 1
- 28.08.2018 - Featuring Trac
- 14.08.2018 - venome.sh - simple msfvenom generator
- 03.08.2018 - Sample fuzzing automation
- 29.07.2018 - CVE-2018-6892 quick autopsy
- 21.07.2018 - Reading malware - your sister
- 10.07.2018 - Exploiting Monstra CMS 3.0.4
- 26.06.2018 - Exploiting CyberArk 10.2.1.603
- 29.04.2018 - Few bugs in latest Nagios XI 5.4.13
- 29.01.2018 - Post-auth SQL injection in FreePBX
- 12.01.2018 - Wipe TrendMicro - Deep Discovery Inspector
- 30.11.2017 - First results from modus.py[1, 2, 3, 4, 5]
- 20.11.2017 - RCE via XSS - Horde 5.2.19
- 5-16.11.2017 - SQL Injection in ManageEngine Applications Manager 13 [1, 2]
- 23.10.2017 - ZBX-11023 quick autopsy
- 17.08.2017 - RCE in Trend Micro IMSVA 9.1
- 14.08.2017 - Reading malware - Backdoor.SpyNet
- 05.08.2017 - Reading malware - Trojan.Delf
- 02.08.2017 - CVE-2013-1048 quick autopsy
- 25.07.2017 - GeniXCMS SQL Injection quick autopsy - part 2
- 06.07.2017 - Reading malware - Backdoor:Win32/Darkddoser
- 20.06.2017 - Reading malware
- 30.05.2017 - Exploiting MODX - Bitnami Edition
- 27.05.2017 - Exploiting Joomla 3.x - Bitnami Edition
- 27.05.2017 - Exploiting DokuWiki - Bitnami Edition
- 27.05.2017 - Exploiting Concrete5 CMS 8.1.0 - Bitnami Edition
- 27.05.2017 - Playing offline CTF's
- 11.05.2017 - Exploiting TestLink 1.9.16 - Bitnami Edition
- 08.05.2017 - Napalm 2.1 feat. Bitnami
- 09.04.2017 - Learning routers
- 09.04.2017 - Multiple Crashes in VLC 2.2.4
- 07.04.2017 - Multiple Crashes in IrfanView 4.44
- 16.01.2017 - Bug in ab from Apache 2.2.22
- 15.01.2017 - Upload shell to phpMyAdmin
- 13.01.2017 - GeniXCMS SQL Injection quick autopsy
- 05.01.2017 - Few bugs in TestLink
- 26.12.2016 - Automated scans with OpenVAS and Kali [1, 2, 3, 4]
- 27.11.2016 - Crontab with iptables
- 26.11.2016 - Basics of ARM/MIPS malware analysis
- 26.11.2016 - Windows logs in PowerShell
- 29.10.2016 - HTTP Server fuzzing with Burp
- 24.10.2016 - headhunter.py
- 23.10.2016 - Playing Assasin's APK
- 23.10.2016 - Playing with Contagio
- 23.10.2016 - Testing Meld vs PlumeCMS
- 16.09.2016 - Crash gdb in Kali
- 16.09.2016 - SQL injection in latest e107 CMS
- 10.09.2016 - Local resource enumeration via XSS
- 10.09.2016 - DVL warmup poc
- 22.08.2016 - Testing SQL injections in com_virtuemart 3.0.14
- 20.08.2016 -joomlash - new test in grabash.py
- 18.08.2016 - Few small changes on grabash.py
- 07.08.2017 - Small script for Metasploit in Kali2
- 29.07.2016 - Exploiting Kali2 - part 1
- 22.07.2016 - bikoz.py
To be continued...
Brak komentarzy:
Prześlij komentarz