Slides for Reverse Engineering 101 in 20 minutes as presented at Pancakes Con - GitHub - SynapticRewrite/RE101in20min: Slides for Reverse Engineering 101 in 20 minutes as presented at Pancakes Con

How to inject meterpreter stager straight into a process running on a remote Linux system without touching disk and using only ssh and python.

Blog post: https://blog.sektor7.net/#!res/2018/pure-in-memory-linux.md
Blog: https://blog.sektor7.net
On-line courses:…

This was a simple and fun challenge which demonstrated a common vulnerability in web API's which are used by mobile applications.

Every once a while, you'll find what looks like a healthy XSS vulnerability, only to bash your head against a limited charset that prevents exploitation. One common restriction is a website that doesn

Goals:

A detailed look at interrupts and exceptions on modern architectures. This article covers servicing and nuances of software interrupts and exceptions.

A guide that will explain how to code scripts in Frida

Research By: Yoav Alon, Netanel Ben-Simon Introduction The year 2017 was an inflection point in the vulnerability landscape. The number of new vulnerabilities reported that year was around 14,000, which is over twice the number from the year before (see table…

Practical Insider Threat Penetration Testing Cases with Scapy (Shell Code and Protocol Evasion) by Dennis Chow As the penetration testing …

Introduction Launching an attack does not always require high technical aptitude on the part of a threat actor, especially when there are ready-made tools available for every stage of the infection chain. Delivery document builders and MaaS (Malware-as-a…

Hello Fellow Hackers!

Maybe you’re a web app pentester who gets frustrated with finding self-xss on sites you test, or maybe you’re a website owner who keeps rejecting self-xss as a valid vulnerability. This post is intended to help both understand the risk involved in self-xss…

Thick Client? What do you mean by that? Thick client is the kind of application which is installed on the …

快速搭建各种漏洞环境(Various vulnerability environment). Contribute to Medicean/VulApps development by creating an account on GitHub.

MBS - Massy Boutakus Searcher : An FTP/HTTP Servers Files Seacher - SofianeHamlaoui/Massy-Boutakus-Searcher

How to fix meterpreter session injected on a remote Linux system with self-modifying dd.Blog post: https://blog.sektor7.net/#!res/2018/pure-in-memory-linux....