HackTheBox - Forge
Bypass SSRF filters using domain redirection and abusing Python PDB
Bypass SSRF filters using domain redirection and abusing Python PDB
SSTI in Golang, abuse S3 bucket, and NGINX backdoor
Deserialization attack on YAML and reversing web assembly
Friendly PHP insecure deserialization attack and race condition
Chaining XSS, SSRF, and deserialization vulnerabilities to get RCE
DC-9 from VulnHub features a website that is vulnerable to SQL injection. I’m able to dump a bunch …
Exploiting an insecure deserialization on Jackson library and how to mitigate it
Pentesting against simulated AWS S3 Bucket
Exploiting OpenNetAdmin vulnerability and sudo nano