Tuesday, May 19, 2020

Late to the party, or, in other words massive web enumeration using ffuf.

Few days back I had the opportunity to take part in a challenge event, which I went last minute and unprepared. There are few good reason ...
Tuesday, March 24, 2020

Solving CAPTCHA using Burp suite proxy and mitmproxy.

Few days back I was facing an issue in one of my tests. The web application was logging my session off every few minutes and also it was lo...
Thursday, March 12, 2020

Using Burp Intruder for auth bypass - CTF, root-me.org / BSCorp - Linux

This is a small post on using Burp's Intruder to bypass login authentication. The idea for this post is from a CTF challenge on root-m...
Tuesday, July 30, 2013

Identifying fake shellcode - quick guide

Identifying the fakes Yesterday I notice one exploit for Microsoft Remote Desktop, with the name "Microsoft Remote Desktop User/Passw...
2 comments:
Wednesday, March 27, 2013

Openvas quick installation on Backtrack linux

It’s been some time since I wrote something in this blog, work and contributing in other sites took most of my time, but still this is my pe...
Saturday, August 18, 2012

3.094 Hacked PLESK servers, more than 15.000 domains and this is just 3%

I wrote again about the infected PLESK systems, Brian Krebs wrote about the topic some time later in the year ( http://krebsonsecurity.com/2...
Wednesday, May 9, 2012

Nmap script to check PLESK compromised servers

Few days back I wrote about the PLESK compromised servers in www.my-audit.gr , at that time I made a script to perform manual checks for ou...