PGP
HackerOne
Yogosha
YesWeHack
TryHackMe
HackTheBox
CodeWars
Buy Me a Coffee
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
Posts by Tag
- web 12
- burpsuite 10
- osint 9
- xss 7
- amass 6
- httpx 6
- portswigger 6
- bypass 5
- gau 3
- kxss 3
- sql injection 2
- mysql 2
- sqlmap 2
- php info page 2
- vulnyx 2
- nmap 2
- command injection 2
- certification 1
- elearnsecurity 1
- ejpt 1
- pentesting 1
- python 1
- sanitization 1
- leakix 1
- information_schema 1
- base64 1
- metasploitable 2 1
- exfiltrate cookies 1
- session hijacking 1
- utm parameters 1
- burp scanner 1
- http request smuggling 1
- sop 1
- cors 1
- vps 1
- reconftw 1
- nuclei 1
- subdomain takeover 1
- collaboration 1
- google dorking 1
- 0iq 1
- gtfobins 1
- binary exploitation 1
- arbitrary file upload 1
- ffuf 1
- directory listing 1
- cronjob 1
- life hacking event 1
- hackernight 1
- rootedcon 1
- yogosha 1
- first blood 1
web
VulNyx: HackingStation
Writeup of the machine HackingStation from VulNyx.
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Subdomain takeover via unclaimed Azure VM
Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Reflected XSS in search filter clear button in an e-commerce website
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
burpsuite
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Reflected XSS in search filter clear button in an e-commerce website
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
osint
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Subdomain takeover via unclaimed Azure VM
Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Reflected XSS in search filter clear button in an e-commerce website
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
xss
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Reflected XSS in search filter clear button in an e-commerce website
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.
amass
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Reflected XSS in search filter clear button in an e-commerce website
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
httpx
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Reflected XSS in search filter clear button in an e-commerce website
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
portswigger
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Reflected XSS in search filter clear button in an e-commerce website
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
bypass
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.
gau
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
kxss
Reflected XSS bypassing hidden input tag and auto-submit script in a form
Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
sql injection
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
mysql
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
sqlmap
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
php info page
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
vulnyx
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
VulNyx: HackingStation
Writeup of the machine HackingStation from VulNyx.
nmap
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
VulNyx: HackingStation
Writeup of the machine HackingStation from VulNyx.
command injection
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
VulNyx: HackingStation
Writeup of the machine HackingStation from VulNyx.
certification
eJPT certification review
Review of the eJPT (eLearnSecurity Junior Penetration Tester), certification of eLearnSecurity intended for students interested in obtaining the necessary training that a junior pentester should have.
elearnsecurity
eJPT certification review
Review of the eJPT (eLearnSecurity Junior Penetration Tester), certification of eLearnSecurity intended for students interested in obtaining the necessary training that a junior pentester should have.
ejpt
eJPT certification review
Review of the eJPT (eLearnSecurity Junior Penetration Tester), certification of eLearnSecurity intended for students interested in obtaining the necessary training that a junior pentester should have.
pentesting
eJPT certification review
Review of the eJPT (eLearnSecurity Junior Penetration Tester), certification of eLearnSecurity intended for students interested in obtaining the necessary training that a junior pentester should have.
python
sanitization
leakix
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
information_schema
Time-based SQL injection in a login form
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
base64
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.
metasploitable 2
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.
exfiltrate cookies
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.
session hijacking
How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.
utm parameters
Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
burp scanner
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
http request smuggling
TE.TE HTTP request smuggling obfuscating the TE header
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
sop
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
cors
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
vps
Subdomain takeover via unclaimed Azure VM
Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.
reconftw
Subdomain takeover via unclaimed Azure VM
Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.
nuclei
Subdomain takeover via unclaimed Azure VM
Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.
subdomain takeover
Subdomain takeover via unclaimed Azure VM
Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.
collaboration
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
google dorking
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
0iq
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0: defeating automation through manual exploitation.
gtfobins
VulNyx: HackingStation
Writeup of the machine HackingStation from VulNyx.
binary exploitation
VulNyx: HackingStation
Writeup of the machine HackingStation from VulNyx.
arbitrary file upload
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
ffuf
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
directory listing
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
cronjob
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
life hacking event
HackerNight 2024: my first live hacking event
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.
hackernight
HackerNight 2024: my first live hacking event
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.
rootedcon
HackerNight 2024: my first live hacking event
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.
yogosha
HackerNight 2024: my first live hacking event
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.
first blood
HackerNight 2024: my first live hacking event
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.