Iván Santos Malpica
(Aka. HackCommander)

Mathematician and Computer Engineer / Pentester / Bug Bounty Hunter / CTF Player

Posts by Year

2024 5
2023 6
2022 4

2024

Breaking the perimeter by exploiting routing-based SSRF via a misconfigured load balancer

December 07, 2024

Partial disclosure of a bug bounty report: breaking the perimeter by exploiting routing-based SSRF via a misconfigured load balancer.

web portswigger burpsuite burp scanner nikto mod_proxy_balancer ssrf

HackerNight 2024: my first live hacking event

June 10, 2024

Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.

life hacking event hackernight rootedcon yogosha first blood

VulNyx: Diff3r3ntS3c

April 08, 2024

Writeup of the machine Diff3r3ntS3c from VulNyx.

vulnyx nmap web burpsuite arbitrary file upload ffuf directory listing command injection cronjob

VulNyx: HackingStation

March 31, 2024

Writeup of the machine HackingStation from VulNyx.

vulnyx nmap web command injection gtfobins binary exploitation

Human 1 - sqlmap 0: defeating automation through manual exploitation

March 19, 2024

Partial disclosure of a bug bounty report: human 1 - sqlmap 0, defeating automation through manual exploitation.

web collaboration osint google dorking portswigger burpsuite 0iq sqlmap sql injection mysql bypass

2023

Reflected XSS bypassing hidden input tag and auto-submit script in a form

December 10, 2023

Partial disclosure of a bug bounty report: reflected XSS bypassing hidden input tag and auto-submit script in a form.

web osint amass httpx gau kxss burpsuite xss bypass

Subdomain takeover via unclaimed Azure VM

November 13, 2023

Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.

web vps osint reconftw nuclei subdomain takeover

Reflected XSS through POST request in a login form

November 05, 2023

Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.

web osint amass httpx burpsuite portswigger xss sop cors

Reflected XSS in search filter clear button in an e-commerce website

June 24, 2023

Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.

web osint amass httpx burpsuite portswigger xss

TE.TE HTTP request smuggling obfuscating the TE header

May 03, 2023

Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.

web osint amass httpx burpsuite burp scanner portswigger http request smuggling xss

Reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls

March 06, 2023

Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.

web osint amass httpx gau kxss utm parameters burpsuite portswigger xss bypass

2022

How to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation

November 12, 2022

Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.

web burpsuite base64 metasploitable 2 xss exfiltrate cookies session hijacking php info page bypass

Time-based SQL injection in a login form

October 17, 2022

Partial disclosure of a bug bounty report: time-based SQL injection in login form.

web osint leakix portswigger burpsuite sql injection mysql information_schema sqlmap php info page

Reflected XSS bypassing HTML tag removal sanitization

September 20, 2022

Partial disclosure of a bug bounty report: reflected XSS bypassing HTML tag removal sanitization.

web osint amass httpx burpsuite gau kxss xss python bypass sanitization

Review of the eJPT (eLearnSecurity Junior Penetration Tester), certification of eLearnSecurity intended for students interested in obtaining the necessary training that a junior pentester should have.

certification elearnsecurity ejpt pentesting

Iván Santos Malpica(Aka. HackCommander)

Posts by Year

2024

2023

2022

Iván Santos Malpica
(Aka. HackCommander)