As it's been making the rounds recently, I wanted to try my hand at cracking 256-bit RSA keys.
NateMail Vulnerabilities (3.0.15) – XSS (CVE-2019-13392) and Open Redirect
I recently found a pair of NateMail vulnerabilities, and I wanted to publish them now that it's been over ninety days.
Filed under Security Not Included
Basic xortool Usage and Flag Capturing
With all of my CTF posts, I have neglected to talk about xortool.
Filed under Security Not Included
Using Royal TSX to Easily RDP from macOS
I've been using Royal TSX to RDP from my MacBooks, and I'm quickly becoming a fan of it.
Filed under Security Not Included
WordPress Syntax Highlighting – Including x86 Support
I wanted to share how to setup WordPress syntax highlighting, since I've had people ask me how I format my posts.
Filed under Security Not Included
XSS Without Slashes – A Little Bit Harder Now
Another day, another filter bypass. This time, it is XSS without slashes!
Filed under Security Not Included
Referer XSS with a Side of Link Injection
I wanted to share an example of referer XSS, as I've never been able to play with it before.
Filed under Security Not Included
A Personal Update – Better Late Than Never
I haven't published a post in just over a month now, so I wanted to share a quick personal update.
Filed under Security Not Included
AFL Introduction – Installation and Basic Fuzzing
This post is long overdue, but I wanted to present an AFL introduction, and how to install/use it.
Filed under Security Not Included
PTC ThingWorx Vulnerability (CVE-2018-20092)
We disclosed a PTC ThingWorx Vulnerability regarding a directory traversal last year, and I wanted to finally share the write-up.
Filed under Security Not Included