Home
Hacker Mindset
Cancel

Kaseya Supply Chain Attack

Introdução Há alguns dias atrás, a comunidade de segurança ao redor do mundo precisou se ocupar com o apelidado PrintNightmare. Uma falha crítica foi identificada no serviço de impressão do sistem...

Using tmux for automating interactive reverse shells

Automating the process of converting a non-interactive reverse shell to a fully interactive TTY. Introduction I’ve recently read agreat post about using the “expect” command line utility fo...

Bypassing Phone Number Verification

In this post I’ll show you how I bypassed the phone number verification process in a website. I’m also going to explain why this was possible and what we can do to prevent this type of vulnerabi...

A Matchbox Machine that Learns

Hey you! So, here I am with my first post of 2019. And here, I’m going to write about a very cool thing that I learned a few weeks ago. But first the background story I’m taking an interest i...

Credentials validation without PoC

I’ve found a flaw in one of the Check Point appliances. Because I want to register a CVE, I’m required to have a public PoC explaining the vuln. So, here it is… What I discovered? Basicaly I ...