In this blog post you will learn how to identify basic Remote Code Execution vulnerabilities and how to exploit them.Caution: Some payloads discussed here can
Category: Penetration Testing
DLL Hijacking – Finding CVE-2023-36546 in PEStudio 9.52
How to discover your first CVEs with DLL Hijacking
Bypassing Application Whitelisting
Application whitelisting is a very effective protection mechanism, but it can be difficult to manage and deploy at scale, and is not commonly deployed by
Mobile Pentesting 101 – How to set up your Android Environment
This article gives an idea about how your Android pentesting environment should look like. What tools should I use? Do I really need a physical device? Do I need a rooted device to pentest an application?
EC2StepShell: A Tool for Getting Reverse Shells on Instances with Network Restrictions
A tool for getting reverse shells in EC2 instances where network communication to your host is restricted. In my last article, AWS ssm:SendCommand or network
A Complete Kubernetes Config Review Methodology
The are many resources out there that tap into the subject of Kubernetes Pentesting or Configuration Review, however, they usually detail specific topics and misconfigurations
Security Café 