Slow is fast
People have stopped caring about a good read, attention span gets shorter with each reel getting faster, shortcuts are being taken, superficial goals are being set and we are not looking into ourselves as much as we should!…
Internal medicine / Information security
Internal Medicine is a broad medical specialty dedicated to the prevention, diagnosis, and treatment of diseases. Often referred to as the "queen of medicine," it offers a holistic approach by integrating a comprehensive understanding of the body's internal systems, ensuring that all aspects of a patient&…
Hijacking execution flow; dll side-loading
Most windows executables import at least some DLL's (Dynamic Link Libraries). It so happens that even some Microsofts signed executables tries loading some dlls, which are no longer required for ones proper functioning nor the dll itself is present on the system.. We can then abuse this behaviour…
Minimalistic https c2 beacon poc - using c/libcurl
Having some fun with c recently and also playing with c2 concepts, decided to make a poc c2 beacon using c and libcurl. libcurl honestly because i didn't want to deal with winhttp/sockets, and because it is already present inside every windows host (even though mine exec…
Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability criteria - writeup
Closing up my advanced port swigger academy topics, i fell in love with web cache poisoning novel techniques by albinowax (James Kettle) the one and only. This lab in particular just caught my attention, it was extremely fun and challenging, so I just had to do a write up on…
Exporting splunk dashboard with custom tokens
In previous splunk post, we've went through logic that allows us to export dashboards and store them on remote storage server. But there was a catch, that api endpoint, that we've used for generating pdf out of choosen dashboard, does not provide us with a way…
Qualys trend - in retrospective
Qualys is an awesome product, but have you tried fetching "old" vulnerability data for reporting purposes? Not possible, the way that solution scaled, and new modules built up around its core, the way "firstFound, lastFound" and some other params constantly change, its just not possible to…
Splunk dashboard - scheduled export and storage solution
Hi, its been quite some time from last blog. I've decided to help you in addressing a potential need of having scheduled splunk dashboard exports as well as storing them on a remote storage - mounted via CIFS. What do I mean by this? Say you have a dashboard…