I haven't published a post in just over a month now, so I wanted to share a quick personal update.
AFL Introduction – Installation and Basic Fuzzing
This post is long overdue, but I wanted to present an AFL introduction, and how to install/use it.
Filed under Security Not Included
PTC ThingWorx Vulnerability (CVE-2018-20092)
We disclosed a PTC ThingWorx Vulnerability regarding a directory traversal last year, and I wanted to finally share the write-up.
Filed under Security Not Included
XSS Without Spaces – Finally, an Easier Filter
Back to some web applications, I wanted to share an example of XSS without spaces.
Filed under Security Not Included
Intigriti XSS Challenge – Fun with DOM XSS
I just finished the Intigriti XSS challenge, and I wanted to share my write-up for it.
Filed under Security Not Included
Setting up a DigitalOcean VPN with strongSwan
In keeping with the VPN theme, here's a quick guide on setting up a DigitalOcean VPN with strongSwan.
Filed under Security Not Included
VulnReport Docker Container – DIY Pentest Reporting
I (not so) recently setup a VulnReport Docker container in my lab, and I wanted to share the process.
Filed under Security Not Included
Iodine DNS Tunneling – Not Just for Exfiltration!
Continuing with my theme of VPNs, I thought I'd share some Iodine DNS tunneling this week.
Filed under Security Not Included
OpenPYN NordVPN – Always on Linux VPN
I recently setup OpenPYN NordVPN in my homelab, and I wanted to share how simple it is.
Filed under Security Not Included
Vulnserver LTER EIP Overwrite – A Little Easier This Time
While a simpler exploit, I wanted to share my LTER EIP overwrite as well.
Filed under Security Not Included