Remote Code Execution Techniques and more.

10 Sep 2019 » H1-4420: From Quiz to Admin - Chaining Two 0-Days to Compromise An Uber Wordpress

20 Jun 2019 » About a Sucuri RCE...and How Not to Handle Bug Bounty Reports

13 May 2019 » CVE-2018-7841: Schneider Electric U.Motion Builder Remote Code Execution 0-day

09 Apr 2019 » Dell KACE K1000 Remote Code Execution - the Story of Bug K1-18652

29 Jun 2018 » H1-3120: MVH! (H1 Event Guide for Newbies)

03 May 2018 » H1-415: Hacking My Way Into the Top 4 of the Day

22 Nov 2017 » H1-212 CTF: Breaking the Teapot!

18 Oct 2017 » CVE-2017-14955: Win a Race Against Check_mk to Dump All Your Login Data

13 Oct 2017 » CVE-2017-14956: AlienVault USM Leaks Sensitive Compliance Information via CSRF

28 Aug 2017 » Upgrade from LFI to RCE via PHP Sessions

01 Mar 2017 » Ok Google, Give Me All Your Internal DNS Information!

23 Jan 2017 » RCESEC-2016-012: Mattermost <= 3.5.1 Error Page Cross-Site Scripting / Content Injection

31 Dec 2016 » HamburgSides 2016: Magic Superpowers!

20 Sep 2016 » 44CON London 2016: When Hackers Meet a Corgi!

27 Jun 2016 » SLAE Course and Exam Review

28 Apr 2016 » SLAE: Custom Crypter (Linux/x86)

12 Apr 2016 » SLAE: Polymorphic Shellcodes (Linux/x86)

23 Feb 2016 » Ubiquiti Bug Bounty: UniFi v3.2.10 Generic CSRF Protection Bypass

29 Dec 2015 » BSidesHH: Ambiguity is Insecurity

16 Sep 2015 » CVE-2015-5956: Bypassing the TYPO3 Core XSS Filter

• «
• First
• 1(current)
• 2
• 3
• 4
• 5
• Last
• »