pentesting LTR101 - Facing Your Fears Following a wee dry spell of blog posts here's my latest(a wee quickie). At the time of writing this blog I've since done three security conference talks in my life so far!
docker LTR101 - Disposable Attack Containers (DAC) My take on using docker for disposable attack images, basically leveraging docker images for Bug Bounties & Pentesting.
pentesting Open Redirect in Oracle EBS (CVE-2017-3528) Writeup of my first CVE; An open redirect in Oracle E-Business Suite, patched in April 2017 CPU(CVE-2017-3528).
CSRF Delivering Many a Payload via CSRF CSRF Is still an issue in 2018, with some interesting payload delivery methods. Chaining vulns and some more on CSV Injection too!
hacking XXE - Things Are Getting Out of Band XXE Out of Band testing, explaining how to execute XXE OOB attacks over HTTP & FTP. Additional explanation on XXE RCE.
hacking Leading the Blind to Light! - A Chain to RCE Tl;DR I found a misconfigured host & leveraged a few vulnerabilities to gain the final end goal of remote code execution!
learning How to Pwn things over IPv6 IPv6 is the demon that many testers dare not touch very often as it is still not the norm or widely adopted. Don't get me wrong, it is available(it has been for
weekend LTR101: My First CloudFront Domain Takeover/Hijack Sub Domain Hijack Issue Hijack/takeover attacks can happen when a company creates a DNS entry that points to a third party service(CNAME Record), however, forget about the third party application leaving
ltr101 LTR101: Programming Fundamentals In security it can be very useful to understand programming, whilst you might not be able to code straight away it is very very useful to understand the core fundamentals. Throughout my blog,
defcon Why Infosec Conferences are Awesome [DC, BSides, Steelcon, The Rest] Taking a quick step away from tutorials and write-ups, here is what was originally a blog about DEF CON 25 and all the things in-between. However, as I'm just back from BSidesManchester, and
bugbounty May the Shells be with You - A Star Wars RCE Adventure! Intro Continuing the non-ltr101 posts for a second here is a quick write-up of a cool bug I found recently on a bounty program. It features Remote Code Execution via an abandoned web
learning Hunting in the Dark - Blind XXE Before getting into the post, this isn't anything brand new or leet in the area of XML External Entity (XXE) attacks, it is purely something I came across and wanted to share. The
tool [Tools Release] GoogD0rker & AttackDeploy This post serves as a quick description of two scripts I have written and published on my Github. It's not often that I take or even have the time to write things other
ltr101 LtR101: Selling Yourself & Hacking Your Career Path Having the technical skills are great, going to meet-ups and making the social contacts is even better. What really gets you in the door though? Knowing people? A CV? Being somewhat known? All
bugbounty Bug Bounty Forum AMA (x-post from BBF) Introduction What is your name, if you do not want to disclose your name, what is your handle/nickname? Where are you from? How long have you been hacking? How did you get
ltr101 LtR101: Book Published After almost 6 months, today is the day I finally finished & published: Breaking Into Information Security: Learning the Ropes 101. What does this mean exactly? Well more blog posts now as the
Getting Started Learning the Ropes 101 - Virtualisation This post talks of what virtualisation is, why it is important and how it works. I will also take you through setting up your first virtual machine (VM). What is Virtualisation Virtualisation put
learning Learning The Ropes 101: Note Taking & Session Tracking One of the most important tasks to do alongside hacking & reporting is note taking and tracking your work. Why? you might ask, because you never know when a session is going to
Getting Started LtR101: Web Application Testing Methodologies I get loads of messages on various mediums each week asking about how to get into information security & bug hunting. Queries range from how to do things through to how to get
Getting Started Web Application Testing - Tooling Having given an introduction into web app testing it is now time to move onto the tooling. Noting that this is for testing and not specifically bug bounty hunting. The tooling and techniques
Getting Started Web Application Testing(Learning the Ropes 101)- Introduction To give some background, for those of you who do not already know I work as a pentester and my specialism is web application pentesting/penetration testing(also referred to some as appsec)
bugbounty gif it time it'll come to you - Finding More Holes in The Hub Following suit of stored cross site scripting vulnerabilities this post will talk about another issue I found in Pornhub. Unfortunately someone found before me and as a result this bug was a duplicate.
Getting Started Learning the Ropes 101 - People Skills For most of you reading this series you might have seen the first few technical articles then one about reporting, now you're seeing this about people skills. It's got you thinking now hasn't
bugbounty Learning the Ropes 101: Stay Beautiful, Stay Verbose Having recently just arrived back from DEFCON 24 Las Vegas, I've not had a chance to write up much in regards to blogging and for that I am sorry! Anyway this post will
Getting Started Learning the Ropes 101: Operating Systems - Linux When learning about information security, software development, computer science or "insert other relevant topic here" it is likely that you will come up against a variety of different operating systems. Most
