September 04, 2023

Replacing router's status LED lights with an I²C peripheral

I’ve been reading a bit about hardware hacking lately and I was eager to try to implement a simple mod myself to get a feel of it. Inspired by this...

December 06, 2022

Leaking file paths with findutils locate

Say you are trying to escalate privileges on a linux box. You’ve found out that one of the binaries you are allowed to run as sudo enables you to read...

October 08, 2022

DLL Proxying example with OneDrive

A few months ago IppSec uploaded a video about DLL Hijacking where as one of the examples he hijacks cscapi.dll used by OneDrive. It’s a great video and I’d suggest...

November 20, 2020

HTML attributes without spaces

This is just another idea for an xss challenge that can teach us something new about HTML parsing....

October 28, 2020

Bogus comments and XSS

Let’s say we have a sanitizer that:...