Manual SQLi Bypass

SQL injection can be one of the most dangerous vulnerabilities. Here we will see how to bypass certain controls that developers put in their code ... Read More
Understanding SSRF

Here we will see what a Server Side Request Forgery is, how hackers can exploit it, and what are the best ways to protect against this attack ... Read More

Search the History

As everyone knows in our context, production credentials should be protected. In this post, we explain how to extract old credentials and how to protect them ... Read More
Respond the Name

Windows hosts use LLMNR and NBT-NS for name resolution on the local network. These protocols do not verify addresses, and here we detail how to exploit this ... Read More
How to Pass the OSCP

The OSCP exam is one of the hardest certifications out there for pentesters. Here we show you how you can prepare yourself to do your best on it ... Read More
Intercepting Android

Android is one of the most suitable targets for hackers. Here we show how to intercept Android apps' web traffic by installing a self-signed certificate ... Read More

Roasting Kerberos

Windows Active Directory works using the Kerberos protocol, and in this blog post, we detail how we can exploit its functionality to obtain user hashes ... Read More

Secure Cloud as Code

Here we want to help you secure your deployments and avoid common mistakes. Infrastructure as code is one of the easiest ways to leverage cloud computing ... Read More
Bounty Writeup

In this article, we present how to exploit a Bounty machine's vulnerabilities and how to gain access as an Administrator and obtain the root flag ... Read More
Vulnerability Disclosure Ecosystem

In this blog post, we will explain some good practices of vulnerability disclosure by information security analysts ... Read More

Secure Guardrails