Posts
oxasploits

The time I enumerated every GitHub admin

Finding the design flaw: While playing with the GitHub API querying different things, I had a light bulb go off. If you can query any GitHub user via API, and see their administrator access level, w...

A skidalicious cheat sheet of webapp exploitation techniques

Background: This is intended to be a concise cheat sheet for common web application exploitation techniques. Most of these techniques are well known, but hopefully this can serve as a place to brei...

Advanced Fuzzing Techniques in ansvif

Prerequisites: This article references both ansvif and radamsa, which need to be downloaded from GitHub and GitLab respectively and compiled for all this to work. Advanced techniques: This is a tut...

Creating a secured terminal paste tool

Background: Having a discussion with a friend about termbin and that the only viable improvement to the system would most probably be in/out encryption (src hosted at GitHub). Enter me, a bored...

From dirty Tor exit nodes to Bitcoin wallet.dat theft

Background: While living at a halfway house, otherwise bored of being sober at the time, I decided I was going to run a Tor exit node. The neat thing about Tor exit nodes is, if you are an operat...

Password cracking wordlists

Background: I’ve compiled a list of my favorite cracking wordlists of different sizes and types. These lists are designed to be used with john/thc-hydra/aircrack-ng/oclhashcat and more. One passwor...

CVE-2017-5816 Whitepaper

Background: The dbman.exe module out of HP iMC PLAT 7.3 listening on TCP/2810 tries to initiate a restart of some network services, whilst doing so running NET STOP on an ASN.1 BER-encoded IP addr...

CVE-2006-3392 Whitepaper

Background: Webmin contains two critical vulnerabilities within the Perl codebase. The first is a directory traversal where you can read arbitrary files, including Webmin’s logs. The second vulne...