XML External Entity Injection | HackTheBox baby WAFfles order
We covered a simple demonstration of XML External Entity Injection vulnerability which is part of OWASP Top 10. This…
Python
Fuzzing Web Applications with Wfuzz | HackTheBox baby todo or not todo
We covered Fuzzing Web Applications with Wfuzz specifically fuzzing API endpoints. This was part of HackTheBox OWASP TOP 10…
Python Pickle Exploitation | HackTheBox OWASP Top 10 Baby Website Rick
We covered python pickle where we demonstrated the serialization and deserialization of python pickle objects. This was part of…
Python Eval Function Exploitation | TryHackMe Devie
We covered a scenario that demonstrates python exploitation through Eval function. Additionally we covered an example of XOR encryption…
Python Privilege Escalation | HackTheBox Cap | CREST CRT Track
We covered Insecure Direct Object Reference vulnerability exploitation along with Python privilege escalation as part of HackTheBox Cap CREST…
SQL Injection with SQLmap and Python Library Privilege Escalation | TryHackMe Biblioteca
Introduction This post is about TryHackMe Biblioteca. You can find the flags below and a video walkthrough as well….
Encoding and Decoding with Python | PicoCTF Transformation + net-cat
In this post, we covered encoding and decoding using python and Cyberchef. We solved two challenges from PicoCTF for…
Python Penetration testing and Security Analysis with Security onion+Wireshark
In this video walkthrough, I set up an analysis environment composed of security onion with Wireshark actively listening on…