Persistence with KeePass - Part 1 - James - Medium In this post we are going to look at a method of gaining persistence using KeePass. This approach re... 2019-07-01 01:00:33 | 阅读: 448 | 收藏 | medium.com keepass strfilepath strtype beacon shellcode

Remote code execution On Microsoft edge URL Protocol IntroductionHello everyone and welcome to my first bug ever in ‘RCE’ section and I hope this is a go... 2019-05-03 12:43:44 | 阅读: 482 | 收藏 | medium.com jsffile wsffile understood matt harr0ey

My Recon Process — DNS Enumeration – Noobhax – Medium This is my first post in a series where I will go into detail on how I conduct my reconnaissance.The... 2019-05-01 00:14:17 | 阅读: 579 | 收藏 | medium.com amass tesla massdns masscan wildcard

5 Simple Tips for Efficient Web Crawling using Selenium Python In this article, I will share 5 simple tips that will help you to improve automation of your web scr... 2019-03-26 23:31:21 | 阅读: 548 | 收藏 | medium.com selenium python phantomjs chrome killall

Command Injection PoC – InfoSec Write-ups – Medium So back in December 2017 i found a command injection vulnerability in one of job listing site. Here... 2019-03-21 23:42:59 | 阅读: 564 | 收藏 | medium.com ngrok icmp blablabla passwd injection

HOW TO FIX BURP SUITE SSL/TLS CONNECTION PROBLEMS – Iraklis Mathiopoulos – Medium Intercepting SSL/TLS connections works seamlessly 95% of the time. This tutorial aims to help with t... 2019-03-21 18:24:27 | 阅读: 807 | 收藏 | medium.com zap burp proxy 8081 talks

Top Five Ways I Got Domain Admin on Your Internal Network before Lunch (2018 Edition) A Scary Thought: I’ve worked in the Cyber ​​Security space performing a wide breadth of penetration... 2019-03-16 01:25:14 | 阅读: 522 | 收藏 | medium.com mitm6 windows ntlmrelayx wpad

From RCE to LDAP access – Thibeault – Medium This is my second write-up, feel free to give me feedback on Twitter (@thibeault_chenu) or in the co... 2019-03-16 01:17:41 | 阅读: 448 | 收藏 | medium.com rfid php security windows network

Hardening Your Azure Domain Front – Steve Borosh – Medium IntroductionWhile domain fronting isn’t a new technique for offensive infrastructure, it continues t... 2019-02-26 00:32:54 | 阅读: 541 | 收藏 | medium.com payload c2 beacon defenses prying

Chain of hacks leading to Database Compromise – Avinash Jain (https://twitter.com/logicbomb_1) – Medium read file error: read notes: is a directory... 2019-02-26 00:30:29 | 阅读: 480 | 收藏 | medium.com download php ssrf lying database

Splunk Universal Forwarder Hijacking – Airman – Medium BackgroundSplunk Universal Forwarder includes a management service that is listening on TCP port 808... 2019-02-26 00:25:25 | 阅读: 671 | 收藏 | medium.com forwarder universal attacker machine remote

How To Exploit PHP Remotely To Bypass Filters & WAF Rules In the last three articles, I’ve been focused on how to bypass WAF rule set in order to exploit a re... 2019-1-7 00:38:43 | 阅读: 4 | 收藏 | Stories by theMiddle on Medium - medium.com bypass remote php sucuri readjun

Web Application Firewall (WAF) Evasion Techniques #3 This article explores how to use an uninitialized Bash variable to bypass WAF regular expression bas... 2019-1-7 00:37:6 | 阅读: 10 | 收藏 | Stories by theMiddle on Medium - medium.com bypass modsecurity readapr readjan injection

How I got your phone number through Facebook – intigriti – Medium Don’t have the time to read the entire article? Go to the FAQ section below for everything you shoul... 2018-12-08 15:53:21 | 阅读: 612 | 收藏 | medium.com facebook 0477 belgian 9th 2500

Windows Event Log to the Dark Side – Mustafa – Medium Event log is a component of Microsoft Windows which provides a central logging service for the operation system, logs helped fixing problems and provided many traces and evidences for forensics.Event... 2018-10-26 15:36:04 | 阅读: 314 | 收藏 | medium.com eventlog windows logfiles payload logfile

Swiftness — A bug bounty data management tool. – Sahil Ahamad – Medium Swiftness with my targets and data.Swiftness is a macOS productivity tool for bug hunters and securi... 2018-09-09 20:09:52 | 阅读: 349 | 收藏 | medium.com swiftness inbuilt download checklist github

緩衝區溢位攻擊之三(Buffer Overflow) 無論如何我們直接寫shellcode並跳轉到上面執行的方法不再適用，那怎麼辦呢？此時就要導入ROP的概念。什麼是ROP( Return-Oriented Programming)？引述wiki:… a... 2018-08-16 04:28:08 | 阅读: 21 | 收藏 | medium.com 我們 bss 參數 執行 payload

DNSBL: Not just for spam Using DNS in order to block botnet, spammers and Tor with Nginx, Lua, ModSecurity and FakeDNSDNSBL i... 2018-8-13 04:5:20 | 阅读: 7 | 收藏 | Stories by theMiddle on Medium - medium.com blackhole spammers modsecurity dnsbl honey

Attacking Private Networks from the Internet with DNS Rebinding TL;DR Following the wrong link could allow remote attackers to control your WiFi router, Google Home... 2018-07-18 22:46:10 | 阅读: 366 | 收藏 | medium.com network rebinding rebind victim malicious

AppArmor: Say Goodbye to Remote Command Execution. Detecting human users: Is there a way to block enumeration, fuzz or web scan?No, you won’t be able t... 2018-7-3 13:14:27 | 阅读: 4 | 收藏 | Stories by theMiddle on Medium - medium.com stupid bots lua ftw totally