Taking a look at BooFuzz in preparation for Lost Rabbit Labs - Haktober Event! BooFuzz is a network Protocol Fuzzer for Humans.…
Using online resources to learn about writing fuzzing harnesses for the AFL fuzzer.…
Mini-Blog series working the challenges on the ROP Emporium website. Challenge 0x03 - Callme…
Mini-Blog series working the challenges on the ROP Emporium website.…
For some reason, Cross-Site Request Forgery has been a vulnerability I have had a hard time getting a full understanding of, so I thought it would make a good topic for one of these posts. Before we can get into examples, though, let's talk about what Cross-Site Request Forgery (CSRF) is. OWASP defines it as "an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated." They go into more detail, but let's pull that apart first. CSRF is all about having something happen within the context of a targeted…
Mini-Blog series working the challenges on the ROP Emporium website.…
In this short blog post we will be covering how to call functions directly from GDB.…
Part 1 of a series doing a deep dive into Windows internals. Following along with the book Windows Internals Part 1.…