Tampering With HTTP ParamsIn a recent penetration testing engagement I happened to stumble across a interesting vulnerability that allowed for an end user to…Mar 27, 20211Mar 27, 20211
Jinja2 — Server Side Template Injection (SSTI)Server-Side Template Injection is a vulnerability commonly that is confused with Cross-Site Scripting (XSS) or just missed entirely. The…Oct 20, 2020Oct 20, 2020
Zerologon Exploit — CVE-2020–1472If you are one of few who are missing out on staying up to date with current vulnerabilities, than you may have not heard of the Zerologon…Oct 7, 2020Oct 7, 2020
Journey To OSCPIts been a couple of days since I received the email from Offensive Security saying I successfully completed their Penetration Testing…Aug 22, 2020Aug 22, 2020
HTB — Blue Walkthrough ( No Metasploit)In my opinion, this box should be one of the first boxes someone should attempt who is new to Hack The Box. The attack surface for this…Jun 23, 2020Jun 23, 2020