TESTING VELOCITY SERVER-SIDE TEMPLATE INJECTION
Velocity is a Java-based templating engine which executes server-side to craft complex layouts.
EXPLOITING PYTHON PICKLE
Hack the Box is a known platform containing a set of security challenges and in this instance, we will cover solving of a subsection of the retired ‘Canape’ box, consisting of a remote code execution by abusing insecure deserialization of Python Pickle.
EXPLOITING A NODEJS SSH SERVER WITH CVE-2018-10933
This a vulnerability in ‘libssh’ before versions 0.7.6 and 0.8.4 which allows an attacker to circumvent SSH authentication.
NEW BLOG
Hello everyone, I officially inaugurate my new blog with a useless post, mainly for testing purposes and to waste some time playing around.