This page requires JavaScript to be displayed properly.

The Return of the WIZard: RCE in Exim

A closer look at CVE-2019-10149 detailing how to exploit it and how to set up a vulnerable test environment.

Remote Code Execution on DotNetNuke

A look at exploiting CVE-2017-9822 via ysoserial.net payloads.

The Long Con 2018 - Working with Hackers

A (brief) look at implementing Vulnerability Disclosure Policies & Bug Bounties

Windows 10 On DigitalOcean

A guide to running Windows 10 on DigitalOcean using your own disk image.

Exploiting drupalgeddon2

A closer look at CVE-2018-7600 detailing how to exploit it and how to set up a vulnerable test environment with vulhub

Exploiting & Honeypotting Cisco ASA CVE-2018-0101

A closer look at CVE-2018-0101 detailing how to exploit it and how to create a honeypot to detect it.

TextNow Security Update

Details about a vulnerability I found in TextNow and the subsequent BlackBox Penetration Test I was hired to perform

HackTheBox - Blocky - CTF Notes

The following writeup shows the process I used to capture the user and root flags on Blocky 10.10.10.37 @ HackTheBox.eu