Hacker Mindset

Learning from your mistakes as an offensive security professional

A team methodology for extracting the best lessons out of your worst failures. Introduction In both my personal and professional lives I try my best to live by a simple statement: “Your fai...

Using AWS API Gateway as a bypass for IP based rate limiting

This is how you can bypass any IP based rate limiting defenses in your red teaming/pentesting engagements: An AWS Free Tier account and an API Gateway HTTP Proxy The situation Imagine you are...

Kaseya Supply Chain Attack

Introduction A few days ago, the security community around the world had to deal with the flaw nicknamed PrintNightmare. A critical vulnerability was identified in the print service of the system...

Using tmux for automating interactive reverse shells

Automating the process of converting a non-interactive reverse shell to a fully interactive TTY. Introduction I’ve recently read a great post about using the “expect” command line utility fo...

White Box Penetration Testing: 'Cheating' in order to boost impact and value

Almost every professional pentester is thrilled when a black box pentest comes along; however, it’s probably in white box testing that you’ll be able to give your reports more meaning. Introduc...

This is how you can deliver true value through your pentest reports

There are only two things your client wants: how their business can be affected by impactful exploitation of a vulnerability and how they can prevent this from happening? The Scenario Let’s s...

Handling Short Expiration Time of Authorization Tokens

How not to waste precious time when testing web applications or APIs with Burp Suite Introduction In my few years doing web/API pentesting, it was the first time I had to think about how...

Bypassing Phone Number Verification

In this post I’ll show you how I bypassed the phone number verification process in a website. I’m also going to explain why this was possible and what we can do to prevent this type of vulnerabi...

A Matchbox Machine that Learns

Hey you! So, here I am with my first post of 2019. And here, I’m going to write about a very cool thing that I learned a few weeks ago. But first the background story I’m taking an interest i...

Credentials validation without PoC

I’ve found a flaw in one of the Check Point appliances. Because I want to register a CVE, I’m required to have a public PoC explaining the vuln. So, here it is… What I discovered? Basically I ...