Active Directory Reconnaissence - Part 1

Posted on Wed 12 February 2020 in Active Directory • Tagged with active directory, reconnaissence, infrastructure, windows

Some basic reconnaissence of active directory while unauthenticated


Continue reading

Android Basics

Posted on Sun 16 August 2015 in Mobile Hacking • Tagged with android, mobile, reverse engineering

The very basics of Android application analysis


Continue reading

Authenticated Stored XSS in TangoCMS

Posted on Thu 19 March 2015 in Web Hacking • Tagged with web, xss

Demonstrating to possibilities of exploiting an authenticated stored XSS vulnerability


Continue reading

CSRF In BigTree CMS

Posted on Sun 08 March 2015 in Web Hacking • Tagged with web, csrf, responsible disclosure

A cross site request forgery vulnerability that existed in BigTree CMS version <= 1.4.5


Continue reading

Hacking FoeCMS

Posted on Sun 08 March 2015 in Web Hacking • Tagged with web, sql injection, xss, smtp injection, insecure authentication, remote code exection

A hacking session against the open source FoeCMS where a number of vulnerabilities were found


Continue reading

A Web Hack

Posted on Sun 08 February 2015 in Web Hacking • Tagged with web, sql injection, password cracking, file upload, path disclosure, xss, python

Hacking an old version of BigTree CMS as a Pentester Academy challenge VM


Continue reading

Improving The ROP Exploit

Posted on Wed 14 January 2015 in x86-32 Linux • Tagged with exploit development, linux, 32bit, fuzzing, buffer overflow, rop

Adding to the last return orientated programming exploit by using a few more advanced ROP techniques


Continue reading

Beating ASLR and NX using ROP

Posted on Sun 11 January 2015 in x86-32 Linux • Tagged with exploit development, linux, 32bit, fuzzing, buffer overflow, rop

Using return orientated programming to beat both address space layout randomization and never execute on 32bit Linux


Continue reading

SQL Injections

Posted on Tue 02 December 2014 in Web Hacking • Tagged with web, sql injection, python

A walkthrough of some reasonably advanced SQL injection techniques and exploitation


Continue reading

Rootkit for Hiding Files

Posted on Thu 23 October 2014 in Linux Kernel Hacking • Tagged with kernel development, linux, c, rootkit, kernel hacking

Building a basic rootkit for hiding files from normal operating system commands on Linux


Continue reading