AWAE Course and OSWE Exam Review
Introduction This is a review of the Advanced Web Attacks and Exploitation (WEB-300) course and its OSWE exam by Offensive-Security. I’ve taken this course b...
Recent posts
Smuggling an (Un)exploitable XSS
Smuggling an (Un)exploitable XSS This is the story about how I’ve chained a seemingly uninteresting request smuggling vulnerability with an even more uninte...
CVE-2020-16171: Exploiting Acronis Cyber Backup for Fun and Emails
CVE-2020-16171: Exploiting Acronis Cyber Backup for Fun and Emails You have probably read one or more blog posts about SSRFs, many being escalated to RCE. Wh...
Bug Bounty Platforms vs. GDPR: A Case Study
What Do Bug Bounty Platforms Store About Their Hackers? I do care a lot about data protection and privacy things. I’ve also been in the situation, where a bu...
H1-4420: From Quiz to Admin - Chaining Two 0-Days to Compromise An Uber Wordpress
TL;DR While doing recon for H1-4420, I stumbled upon a Wordpress blog that had a plugin enabled called SlickQuiz. Although the latest version 1.3.7.1 was ins...