Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.

Analyzing and Hacking Binaries with Ghidra.

I haven’t written an “attack of the week” post in a while, and it’s been bumming me out. This is not because there’s been a lack of attacks, but mostly because there h…

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion tec...

CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch - GitHub - VoidSec/CVE-2020-1337: CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch

Not a Coinhive Writeup

Exploitation from WAN to LAN

Set up a penetration testing environment using docker containers in docker networks to learn various types of port forwarding techniques.

Detectify Crowdsource hacker Özgür Alp turned an out-of-scope open redirect finding into a publicly registered vulnerability, CVE-2020-1323.

Intro to PHP object injection vulnerabilities

UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities - strongcourage/uafuzz

This blog post will go through my whitebox review of an unnamed Electron application from a bug bounty program. I will demonstrate how I escalated an open redirect into remote code execution with the help of some debugging. Code samples have been modified…

SameSite=Lax Cookies by Default is a new browser feature we will look at how to bypass it and what is the security concerns with it..

Introduction During red team engagements, it is not uncommon to encounter Endpoint Defence & Response (EDR) / Prevention (EDP) products that implement user-land hooks to gain insight in to a...

A helpful Java Deserialization exploit framework. Contribute to wh1t3p1g/ysomap development by creating an account on GitHub.