Xssy is a new (at least for me) platform, developed and maintained by https://github.com/paj28 and packed with free content from the growing community they are building. The Platform As the name states, Xssy hosts a range of XSS challenges in a CTF format. Users are given a vulnerable page and a goal, 99% being “leak…
Okay, so depending on your perspective of profit, this may or may not yield some. I’ll build working, non-working, ‘secure’ and vulnerable applications for various platforms to help further understand the fundamentals and inner workings. So for me, building a vulnerable app to hack it gives me profit in the form of knowledge. If you have…
Introduction In the past when writing/using little implants and agents, a blocker seems to be embedding shellcode. Shellcode that has malicious intent and is designed to give us a shell or execute some form of ‘dangerous’ process has likely been caught in the past, signatured and had the word spread to AV vendors. For that…
First Steps As the title states, this post will focus primarily on some obfuscation steps I am taking for my generated source code. All templates and code blobs that are used and merged together through the entire process are clear text, commented, very human-readable and have obviously named functions and variables. I was doing…
Introduction In the previous post, I briefly introduced my new side project, ‘meh’. This loosely detailed the idea, the current state of the tool and the next steps I was planning. Since then, I have implemented a collection of new features, slowly ticking away at the previous ‘next steps’ list, as well as refactoring some…
Introduction Meh (‘Moderate Efficiency Helper’) is a tool I started recently that combines a bunch of things I love, all into one. In short, meh helps randomly generate and compile binaries that can help get malicious payloads, and tools, past detection systems. The current list of things I love that this tool is helping cover:…
Introduction Dante is a “Pro Lab”, available on Hack the Box, that has been designed and labelled to be beginner friendly. Now in true HTB fashion, easy/beginner does not mean what readers may think it means. In the perspective of HTB difficulty, yes it probably does match that, but if I came into this blind…
Intro, Basic Overflow and Offsets During a CTF I was required to exploit a buffer overflow in a binary that elevated its privileges to root. The main goal was to utilise this functionality and pop a shell, inheriting the root context that the binary was granted. I won’t go into detail about fuzzing and finding…
Introduction A quick introduction to the first step to reading your iOS application traffic. Most applications utilise some form of certificates to sign their traffic with, if they’re not… then maybe you should buy the developers a calendar and highlight the current year. Typically, every iOS application pentest I do, killing SSL certificates is the…
TLDR; Code here -> https://github.com/crawl3r/FunWithAMSI Introduction We all know that AMSI can be a pain sometimes. We just want to get our beacon running, pop some dodgy code, abuse something that Windows doesn’t like, whatever it may be. But who is right there, waiting to ruin our fun… that’s right, good old AMSI. Although a pain,…