-
XSS : Get string without quote
Sometimes, in JavaScript, we need to create String without using quotes or String.fromCharCode(). Learn how to take advantage from short RegExp...Continue reading →
2 January 2017 1 messages -
TVT DVR/CCTV webshell exploit
This is another exploit implementation for TVT derived DVR/CCTV devices which have a root cmd injection vulnerability. It is based on routersploit framework, it checks...Continue reading →
15 December 2016 0 messages -
My VBA Bot
As other members of CERTs I noticed the revival of VBA malware these past years, especially used to drop ransomwares. To better understand and for the fun, I decided to give a...Continue reading →
11 July 2016 4 messages
-
Bypass start address protection
Over the year several mechanisms were developed by vendors to prevent code injection. A common mechanism is to detect invalid start address of the injected thread. Here, as an example we are... Continue reading →
5 September 2019 0 messages
Search
Most popular
2. Fun combining anti-debugging and anti-disassembly tricks
3. VNC to access Kali Linux on Raspberry Pi
5. Modify any Java class field using reflection.
5 random articles
1. Implement hash service using JCE
2. Modify any Java class field using reflection.
3. Process PE Injection Basics
5. Enable securitymanager for Spring and Hibernate
Sponsor
If you appreciate my work, you may help or reward with a contribution :)
