Apache Flink 1.9.x (Part 1: Set Up) | This blog is to set up your own lab environment for Apache Flink 1.9.x. There was a vulnerability published recently on Exploit-DB and… | Nov 5, 2020
Zentao Pro 8.8.2 RCE | In July, a remote command execution exploit was released on an application named Zentao Pro. When I examined the application’s code, I… | Sep 23, 2020
Code Review Methodology | While practicing performing code review, I have found that a good methodology is a cyclic process that repeats itself again and again… | Jul 20, 2020
White Box Challenge 1 — EASY | After doing the AWAE course, I felt like I needed to do more practice. There are other materials such as the HTB boxes similar to OSWE. I… | Jul 8, 2020
JSON Web Token — Lab Guide | I have created a lab for everyone to practice testing against JSON Web Tokens. It is quite a simple lab and the goal is to modify the… | May 17, 2020
Beginner Code Review (Part 2) | Part 2 of the Beginner Code Review Series. Here I will be describing how the vulnerabilities found can be used to escalate privileges. I… | Apr 29, 2020
Beginner Code Review (Part 1) | To improve my code review skills I decided to go over Pentesterlab’s free code review exercise. It can be found at… | Apr 27, 2020
My OSCP Journey Brain Dump | I recently got my email saying I passed the OSCP exam first time. This blog will illustrate the approach I used and what worked for me. I… | Apr 17, 2020