web — MOV AX, BX

Story Behind Sweet SSRF.

Posted on 25.01.202125.01.2021 / by admin /

Story Behind Sweet SSRF
#web #hack #ssrf

The Secret Parameter, LFR, and Potential RCE in NodeJS Apps

Posted on 25.01.202125.01.2021 / by admin /

The Secret Parameter, LFR, and Potential RCE in NodeJS Apps
#web #hacking #hack #nodeJS

How I hacked Facebook: Part One

Posted on 13.12.202013.12.2020 / by admin /

How I hacked Facebook: Part One
#web #security #facebook #csrf

Escalating XSS to Account Takeover

Posted on 30.11.202030.11.2020 / by admin /

Escalating XSS to Account Takeover
#xss #web #security

Weaponizing XSS For Fun & Profit

Posted on 30.11.202030.11.2020 / by admin /

Weaponizing XSS For Fun & Profit
#web #security #xss

Burp Suite vs OWASP ZAP – a Comparison series

Posted on 27.11.202027.11.2020 / by admin /

Burp Suite vs OWASP ZAP – a Comparison series
#burp #burppro #suite #owasp #zap #zap-a

Public password dumps in ELK

Posted on 13.05.202013.05.2020 / by admin /

Passwords, passwords, passwords: end users and defenders hate them, attackers love them. Despite the recent focus on stronger authentication forms by defenders, passwords are still the predominant way to get access to systems.

CARPE (DIEM): CVE-2019-0211 Apache Root Privilege Escalation

Posted on 08.04.201908.04.2019 / by admin /

Original text by cfreal Escalation 2019-04-03 Introduction From version 2.4.17 (Oct 9, 2015) to version 2.4.38 (Apr 1, 2019), Apache HTTP suffers

Insomni’Hack Teaser 2019 — exploit-space

Posted on 03.02.201903.02.2019 / by admin /

Original text by @Ghostx_0 CTF URL: https://teaser.insomnihack.ch/ Solves: 7 / Points: 500 / Category: Web Challenge description We have created a little exploit