PGP
HackerOne
Yogosha
YesWeHack
TryHackMe
HackTheBox
CodeWars
Buy Me a Coffee
Breaking the perimeter by exploiting routing-based SSRF via a misconfigured load balancer
Partial disclosure of a bug bounty report: breaking the perimeter by exploiting routing-based SSRF via a misconfigured load balancer.
Posts by Category
bug bounty
HackerNight 2024: my first live hacking event
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0, defeating automation through manual exploitation.
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Subdomain takeover via unclaimed Azure VM
Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Reflected XSS in search filter clear button in an e-commerce website
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
review
HackerNight 2024: my first live hacking event
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.
eJPT certification review
Review of the eJPT (eLearnSecurity Junior Penetration Tester), certification of eLearnSecurity intended for students interested in obtaining the necessary training that a junior pentester should have.
ctf
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
VulNyx: HackingStation
Writeup of the machine HackingStation from VulNyx.
research
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.