•
Over the last few months, my primary focus has been hacking. As an attacker, seeing file-sharing systems like Samba, FTP, and NFS get me excited to find loot! However, in my downtime, I love to partake in movie watching from my ever-growing DVD collection. The problem is that I love using my Chromecast. The…
•
I’ve tried to summarize a lot of information from HackTricks, YouTube, HTB write-ups, disclosed vulnerabilities, and the GraphQL documentation to come up with succinct notes on GraphQL. This way you don’t need to be an expert to focus on what’s important. I’m not claiming to be an expert on GraphQL, but enough to know…
•
I was recently in an engagement with a web application that was interconnected with about half a dozen services while offering up a few dozen API routes that had to be tested within three days. As I stared at the flow chart provided and tried to gather an understanding of what I needed to…
•
Let’s say you’ve been assigned some mobile work. You’re a pentester, mobile developer, or just a tinkerer who needs to be able to see traffic flowing to and from your Android device. Chances are you’re going to want to use BurpSuite to help make your life a little bit easier. Problem is that the…
•
For web-based applications, Timing-based Username Enumeration is a great find. For testers it’s low-hanging fruit and a great way to enumerate valid accounts for password attacks or social engineering. For engineers, fixing can be a pain in the rear end. Recently, I had an interesting debate with a coworker after writing a re-test report…
•
In a previous post, I highlighted my overall OSCP experience. The high-level ideas around education, studying, and exam attempts are there, but I wanted to touch on something that I didn’t elaborate on — mindset. A lot of the OSCP prep feels like a grind. Enumerate a machine, find something vulnerable, exploit, elevate privileges, repeat. Over…
•
For the uninitiated, the Offensive Security Certified Professional (OSCP) is an ethical hacking certification that demonstrates a pentester’s ability to breach systems in a timed manner as well as document their findings in a professional and ethical manner. In the security world, the certification is the defacto entry-level certification known for its toughness coming…