Sep 16, 2021
·
11 min readMoodle exploitation using CVEs
Aug 28, 2021
·
4 min readExploiting the backdoor planted in PHP 8.1-dev
Aug 07, 2021
·
10 min readAbusing JWT key identifier and breaking out of a Docker container
Aug 06, 2021
·
9 min readDeserialization attack on YAML and reversing web assembly
Aug 06, 2021
·
9 min readCode execution with path traversal
Jul 26, 2021
·
10 min readPwning Drupal 7 CMS with Drupalgeddon and abusing Snap with malicious snap package
Jul 13, 2021
·
4 min readHands on with ShellShock vulnerability
Jun 26, 2021
·
10 min readGetting password from automatic login script of ChromeOS
Jun 18, 2021
·
5 min readThis is a machine that allows you to practise web app hacking and privilege escalation
Jun 14, 2021
·
11 min readFriendly PHP insecure deserialization attack and race condition
Jun 14, 2021
·
8 min readExploiting exploitation tools and command injection in a log file
Jun 02, 2021
·
9 min readDC-9 from VulnHub features a website that is vulnerable to SQL injection.
I’m able to dump a bunch …
May 30, 2021
·
8 min readDC-6 starts off by enumerating usernames from a WordPress website and use a brute-force attack …
Apr 28, 2021
·
10 min readExample of a phishing attack and PyPI package exploitation
Apr 02, 2021
·
6 min readExploiting OpenNetAdmin vulnerability and sudo nano