Recent Posts


HackTheBox - Timing

The Timing machine on HTB has some interesting web exploitation paths that reminded me of the OSCP and OSWE course labs. The intended path involves a Local File Inclusion (LFI) vulnerability combined with a File Upload function...

Fun with ARP - A Look at the Protocol

The Address Resolution Protocol (ARP) is an essential part of the TCP/IP protocol suite and will remain in common use as long as IPv4 sticks around. It is a very simple protocol and fun to hack with....

Vulnserver Part 3 - HTER

This third part of our Vulnserver series looks rather easy at first. The buffer overflow can be done without any fuzzing. But once we look at the stack we find our input bytes have been...

Vulnserver Part 2 - GMON

In the second part of our Vulnserver series we encounter a SEH-based buffer overflow. SEH stands for Structured Exception Handling. The exploitation process is sligthly different...

Vulnserver Part 1 - TRUN

In this first part of our Vulnserver series we will take a look at the TRUN command. It offers a very simple Stack-based Buffer Overflow with a little bit of fuzzing...

Vulnserver Part 0 - Overview

Vulnserver is a vulnerable TCP socket server written in C. You can use it to practise Windows x86 stack based buffer overflows. The server application offers several different buffer overflows for you to exploit...

Tutorial: Build a Network Sniffer From Scratch

A sniffer allows you to intercept, log and analyze network traffic. In this tutorial we will build one from scratch in python3, using only standard libraries...

Tutorial: Create Binary Versions of Python Tools

PyInstaller allows you to create stand-alone binaries that run on machines that do not have Python installed. On Linux it will create an executable ELF binary. On Windows...