Category Archives: Security Not Included

A Personal Update – Better Late Than Never

I haven't published a post in just over a month now, so I wanted to share a quick personal update.

Continue reading

4 Comments

Filed under Security Not Included

AFL Introduction – Installation and Basic Fuzzing

This post is long overdue, but I wanted to present an AFL introduction, and how to install/use it.

Continue reading

Leave a Comment

Filed under Security Not Included

PTC ThingWorx Vulnerability (CVE-2018-20092)

We disclosed a PTC ThingWorx Vulnerability regarding a directory traversal last year, and I wanted to finally share the write-up.

Continue reading

1 Comment

Filed under Security Not Included

XSS Without Spaces – Finally, an Easier Filter

Back to some web applications, I wanted to share an example of XSS without spaces.

Continue reading

Leave a Comment

Filed under Security Not Included

Intigriti XSS Challenge – Fun with DOM XSS

I just finished the Intigriti XSS challenge, and I wanted to share my write-up for it.

Continue reading

Leave a Comment

Filed under Security Not Included

Setting up a DigitalOcean VPN with strongSwan

In keeping with the VPN theme, here's a quick guide on setting up a DigitalOcean VPN with strongSwan.

Continue reading

Leave a Comment

Filed under Security Not Included

VulnReport Docker Container – DIY Pentest Reporting

I (not so) recently setup a VulnReport Docker container in my lab, and I wanted to share the process.

Continue reading

Leave a Comment

Filed under Security Not Included

Iodine DNS Tunneling – Not Just for Exfiltration!

Continuing with my theme of VPNs, I thought I'd share some Iodine DNS tunneling this week.

Continue reading

Leave a Comment

Filed under Security Not Included

OpenPYN NordVPN – Always on Linux VPN

I recently setup OpenPYN NordVPN in my homelab, and I wanted to share how simple it is.

Continue reading

Leave a Comment

Filed under Security Not Included

Vulnserver LTER EIP Overwrite – A Little Easier This Time

While a simpler exploit, I wanted to share my LTER EIP overwrite as well.

Continue reading

2 Comments

Filed under Security Not Included