AutoUpdater Vulnerability – XXE Injection (CVE-2019-20627)

I recently found an AutoUpdater Vulnerability, and I am now ready to publish it.

Continue reading

Leave a Comment

Filed under Security Not Included

CTF Regex for Flags and Victory (DerbyCon 2019)

We have been using some CTF regex recently, and I thought it was worth sharing.

Continue reading

Leave a Comment

Filed under Security Not Included

Hack the Box DevOops Walkthrough – XXE FTW

While it was a bit ago, I also solved the Hack the Box DevOops box.

Continue reading

Leave a Comment

Filed under Security Not Included

Coalfire NPK – Installation, Configuration, and Usage

I setup Coalfire NPK recently for some password cracking and wanted to share the process and my thoughts.

Continue reading

Leave a Comment

Filed under Security Not Included

OWASP Juice Shop + CTFd = Easy DIY CTFs!

I recently setup OWASP Juice Shop + CTFd for some internal training/CTFs, and I wanted to share the process.

Continue reading

Leave a Comment

Filed under Security Not Included

Download Images from HTML – Including WordPress Posts

I recently wanted to download images from HTML, and I wanted to share the script that I wrote for this.

Continue reading

Leave a Comment

Filed under Security Not Included

Close Android Chrome Tabs – Now With Automation

I wanted a way to close Android Chrome tabs, and now I have it.

Continue reading

Leave a Comment

Filed under Security Not Included

More Jira Enumeration (usernames) – CVE-2019-8449

I performed even more Jira enumeration on usernames recently but using a different exploit.

Continue reading

1 Comment

Filed under Security Not Included

More Intigriti XSS – Just Shy of Success

I attempted another Intigriti XSS challenge a few months ago and wanted to share my attempts.

Continue reading

Leave a Comment

Filed under Security Not Included

Using Python 2to3 to Easily Upgrade (Finally)

I finally upgraded one my my repositories using Python 2to3, and I wanted to share how.

Continue reading

Leave a Comment

Filed under Security Not Included