Posts:

How to become a pentester

Intro

I receive a lot of emails.  (Please don’t make it worse, thanks!)   Unfortunately I don’t have as much spare time as I used to, or would like to, so I often have no other choice than Read more

Read More

Zabbix SQL Injection/RCE – CVE-2013-5743

Table of Contents

Table of Contents

Read More

Installing Watobo on BackTrack 5

Watobo author Andy Schmidt made 2 great videos about installing Watobo on Windows and on BackTrack 5. I created a rather simple and short shell script to install Watobo on BT5. Nothing new, nothing sensational, just to alleviate the installation process. Read more
Read More

Metasploit module : HTTP Form field fuzzer

Introduction

About a month after releasing an ftp client fuzzer module for Metasploit, I decided to release yet another fuzzer module I have been working on over the last few weeks.

This new module can be used to audit Read more

Read More

HaXx.Me #3 – Corelan Team documentation

Last week (oct 17 2010), Lincoln (one of the Corelan Team members) informed the other team members about an ongoing hacking challenge (HaXx.Me #03) organized and hosted by MaXe (@intern0t).

When I saw his message, it was already Sunday Read more

Read More

WATOBO – the unofficial manual

WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. I am convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities.

Read more

Read More