Skip to main content
Link
Menu
Expand
(external link)
Document
Search
Copy
Copied
Home
About me
Achievements
Writeups, Articles & Videos
Web Hacking
WAF bypass and vulnerability chain exploiting parser differentials
Finding SSTI in an EJS app using existing exploits and undocumented features
Exploit Arbitrary Deserialization through Blind SQL Injection
Exploit Zip Slip vulnerability in python tarfile
Bypassing addslashes() using format string to get SQL Injection
Pickle Insecure Deserialization
Android Hacking
Intercept HTTPS on non-rooted Android devices
Bypass certificate pinning with Frida and Xposed
Reverse and patch an easy APK
How to set up an Android Penetration Testing Lab from scratch
InfoSec Education
Let's talk about community with Meethack Torino
How NOT to react to a responsible disclosure (CVE-2023-47444)
Getting Started with GeoGuessr and OSINT (UMDCTF 2023)
0xbro, from developer to pentester (Beyond technology, Ep. 01)
Taking effective notes for CTF, OSCP and other labs
The 5 BEST platforms to practice Ethical Hacking in 2022
My OSCP Journey
HackTheBox
Noter
Timelapse
Late
RouterSpace
Paper
AdmirerToo
Knife
Love
Armageddon
TheNotebook
Spectra
Ophiuchi
ScriptKiddie
Tenet
Delivery
Ready
Tabby
Blunder
Traceback
OpenAdmin
Obscurity
Traverxec
Postman
Writeup
Disclosures
Disclosure Policy
Disclosed vulnerabilities
Authenticated Static Code Injections in OpenCart (CVE-2023-47444)
Digital Private Vault (APK)
Cheatsheets and notes
My notes 🡵
Tool cheatsheets 🡵
File transfer 🡵
Privilege Escalation 🡵
Reverse shell cheatsheet 🡵
Upgrade your shell 🡵
Support me!
Support me
Are you enjoying my contents and want to support my work?