In early November 2025, a massive data breach at Knownsec, a prominent Chinese cybersecurity firm with government connections, exposed over 12,000 classified documents revealing the company’s …
Note: OSWE is one of three certifications required for OSCE3 (along with OSED and OSEP), which replaced the original OSCE in 2020. I passed the Offensive Security Web Expert exam in July 2020. Now, I …
Hacking the Northpolechristmastown # l2s.northpolechristmastown.com # Letters to Santa app contains a reference to a development system in an HTML comment section.
<!-- Development version --> …
Introduction # The third boot2root system in the Breach series is an intermediate challenge. This time the VM will automatically acquire an IP address via DHCP.
Flag 1 # First, let’s identify …
Introduction # Breach 2.1 is meant to be a beginner to intermediate boot2root/CTF challenge. The VM is configured with a static IP address (192.168.110.151) so you will need to configure your host-only …
Introduction # Breach 1.0 is meant to be a beginner to intermediate boot2root/CTF challenge. The VM is configured with a static IP address (192.168.110.140) so you will need to configure your host-only …
Introduction # Word macros are one of the top sources of malware infection. Creating such a malicious macro can be done in less than 10 minutes. This article will give an insight into how to perform such …
Introduction # In May 2016 I had the chance to participate in the SANS SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking in Amsterdam. The course syllabus gave a good outline …
Introduction # Cracking with the desktop computer is not always a good idea. It can be quite noisy when you are trying to sleep. The room can become too hot for a hacker. And most important of all, …
Summary # Which commands are sent across the Gnome’s command-and-control channel? EXEC:iwconfig in packet 363 EXEC:cat /tmp/iwlistscan.txt in packet 573 What image appears in the photo the Gnome sent …
Update (October 2020): The OSCE certification and Cracking the Perimeter (CTP) course have been retired. They have been replaced by OSCE3, which requires passing three certifications: OSED (Windows …
Prerequisites # Exploit-Exercises: Protostar Final 0 # For this level we have got a binary listening on port 2995.
Exploitation # Let’s find out what this binary is up to.
0x08049833 …
Prerequisites # Exploit-Exercises: Protostar Heap 0 # For this scenario we need to run the winner() function. To get a better idea about the binary, a look at the assembly helps.
0x08048492 …
Prerequisites # Exploit-Exercises: Protostar Net 0 # For this exercise we have got a service listening on port 2999. Let’s connect and see what it does.
user@protostar:/opt/protostar/bin$ telnet …
Prerequisites # Exploit-Exercises: Protostar Format 0 # First of all, we take a look at the disassembly.
... 0x08048431 <main+6>: sub $0x10,%esp 0x08048434 <main+9>: mov 0xc(%ebp),%eax ; …
Prerequisites # Exploit-Exercises: Protostar Stack 0 # For this scenario we need to overwrite the stack variable $modified. To get a better idea about the binary, a look at the assembly helps. …
Prerequisites # Windows XP SP3 (en-us), Immunity Debugger, AviosoftDTVPlayerPro Triggering the overflow # After some fuzzing the basic exploit can be created with the following Python code. …
Prerequisites # Windows XP SP3 (en-us), Immunity Debugger, Easy RM to MP3 Converter Identifying the Vulnerability # First of all we need to identify the appropriate buffer size for the exploit. To do …