Archives
- 20 Oct Hacking RAMADDA, White Box Web Apps, and Bug Bounty Tips
- 18 Aug Department of Defense Researcher of the Month
- 27 Mar PyMedusa OS Command Injection
- 20 Feb SQL Injection in Eufy Security Application
- 25 Jan Self-Hosted Security Part ? - Poor Rate Limiting in Organizr
- 25 Nov Docker Compose - Plex, Jackett, Sonarr, Radarr, Lidarr, Prowlarr, qBittorrent, and PIA
- 17 Oct Webmin CVE-2022-0824 RCE in Golang
- 11 Oct Guitar Pro Directory Traversal and Filename XSS
- 30 Sep CrushFTP DoS
- 29 Sep Golang Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus < 11306
- 26 Aug A Quick AWS Lambda Reverse Shell
- 01 Aug The Incredibly Insecure Weather Station - Part 2
- 30 Jun The Incredibly Insecure Weather Station
- 07 Apr Deploying and Configuring a Bug Bounty Box with Terraform and Ansible
- 17 Feb MotionEye Config Info Disclosure
- 17 Feb Offensive Security PEN-300 Evasion Techniques and Breaching Defenses - Course and Exam Review
- 31 Jan Update: Hacking MotionEye - CVE-2021-44255
- 22 Dec Sharpshooter, Python2.7, and Pip2 Installation
- 14 Dec Client Side Template Injection, huh?
- 25 Nov Learning Go By Writing a POC for Gitlab CVE-2021-22205
- 09 Nov Tesla Solar, Powerwalls, Docker, Python, and Crypto Mining
- 09 Oct Hacking MotionEye/MotionEyeOS
- 19 Sep Docker Compose - Plex with Plex Pass, Jackett, Sonarr, Radarr, Lidarr, qBittorrent, and PIA
- 16 Sep Free Bitcoin - Simple 'Malware' Analysis
- 18 Aug Quick and Easy (and not the best) way to use HTTPS with qBittorrent and Firefox
- 17 Aug Evasion Techniques and Breaching Defenses (PEN-300) - OSEP - Initial Thoughts
- 21 Jul Advanced Web Attacks and Exploits -AWAE - Exam Review
- 30 Jun CVE-2021-35959 Stored XSS in Folder Contents on Plone 5-5.2.4
- 20 Jun Malicious qBittorrent Search Plugin: Feature or Bug?
- 20 Jun Arbitrary Code Execution in Manuskript < 0.12
- 25 Mar Offensive Security AWAE/OSWE