Reposted by captnbanana
February 25, 2025 at 6:01 AM
Reposted by captnbanana
World's First MIDI Shellcode
Blog post about a reverse engineering project
psi3.ru
January 26, 2025 at 12:46 PM
Reposted by captnbanana
I just wrote a new blog post! This is how I (ab)used a jailed file write bug in Tomcat/Spring. Enjoy!
Remote Code Execution with Spring Properties :: srcincite.io/blog/2024/11...
Remote Code Execution with Spring Properties :: srcincite.io/blog/2024/11...
Remote Code Execution with Spring Properties
Recently a past student came to me with a very interesting unauthenticated vulnerability in a Spring application that they were having a hard time exploiting...
srcincite.io
November 26, 2024 at 11:57 PM
I just wrote a new blog post! This is how I (ab)used a jailed file write bug in Tomcat/Spring. Enjoy!
Remote Code Execution with Spring Properties :: srcincite.io/blog/2024/11...
Remote Code Execution with Spring Properties :: srcincite.io/blog/2024/11...
still the best bug: GraphQL discloses internal beer consumption (hackerone.com/reports/419883)
November 25, 2024 at 8:35 AM
still the best bug: GraphQL discloses internal beer consumption (hackerone.com/reports/419883)
Reposted by captnbanana
Volexity discovered an APT which breached the *neighbors* of its target over Internet, before pivoting via WiFi
That’s close proximity attacks from another continent 🌐 🤯
That’s close proximity attacks from another continent 🌐 🤯
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever w...
www.volexity.com
November 24, 2024 at 9:43 PM
Volexity discovered an APT which breached the *neighbors* of its target over Internet, before pivoting via WiFi
That’s close proximity attacks from another continent 🌐 🤯
That’s close proximity attacks from another continent 🌐 🤯
