Category Archives: Security Not Included

NateMail Vulnerabilities (3.0.15) – XSS (CVE-2019-13392) and Open Redirect

I recently found a pair of NateMail vulnerabilities, and I wanted to publish them now that it's been over ninety days.

Continue reading

Leave a Comment

Filed under Security Not Included

WordPress Syntax Highlighting – Including x86 Support

I wanted to share how to setup WordPress syntax highlighting, since I've had people ask me how I format my posts.

Continue reading

Leave a Comment

Filed under Security Not Included

XSS Without Slashes – A Little Bit Harder Now

Another day, another filter bypass. This time, it is XSS without slashes!

Continue reading

Leave a Comment

Filed under Security Not Included

Referer XSS with a Side of Link Injection

I wanted to share an example of referer XSS, as I've never been able to play with it before.

Continue reading

Leave a Comment

Filed under Security Not Included

A Personal Update – Better Late Than Never

I haven't published a post in just over a month now, so I wanted to share a quick personal update.

Continue reading

4 Comments

Filed under Security Not Included

AFL Introduction – Installation and Basic Fuzzing

This post is long overdue, but I wanted to present an AFL introduction, and how to install/use it.

Continue reading

Leave a Comment

Filed under Security Not Included

PTC ThingWorx Vulnerability (CVE-2018-20092)

We disclosed a PTC ThingWorx Vulnerability regarding a directory traversal last year, and I wanted to finally share the write-up.

Continue reading

1 Comment

Filed under Security Not Included

XSS Without Spaces – Finally, an Easier Filter

Back to some web applications, I wanted to share an example of XSS without spaces.

Continue reading

Leave a Comment

Filed under Security Not Included

Intigriti XSS Challenge – Fun with DOM XSS

I just finished the Intigriti XSS challenge, and I wanted to share my write-up for it.

Continue reading

Leave a Comment

Filed under Security Not Included

Setting up a DigitalOcean VPN with strongSwan

In keeping with the VPN theme, here's a quick guide on setting up a DigitalOcean VPN with strongSwan.

Continue reading

Leave a Comment

Filed under Security Not Included