Month June 2019

Security Not Included

XSS Without Slashes – A Little Bit Harder Now

Another day, another filter bypass. This time, it is XSS without slashes! Ray DoyleRay Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to…

Ray Doyle
June 29, 2019
2 Comments

Security Not Included

Referer XSS with a Side of Link Injection

I wanted to share an example of referer XSS, as I’ve never been able to play with it before. Ray DoyleRay Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building…

Ray Doyle
June 22, 2019

Security Not Included

AFL Introduction – Installation and Basic Fuzzing

This post is long overdue, but I wanted to present an AFL introduction, and how to install/use it. Ray DoyleRay Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines…

Ray Doyle
June 8, 2019

Security Not Included

PTC ThingWorx Vulnerability (CVE-2018-20092)

We disclosed a PTC ThingWorx Vulnerability regarding a directory traversal last year, and I wanted to finally share the write-up. Ray DoyleRay Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From…

Ray Doyle
June 1, 2019
1 Comment