-
Recent Posts
- CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Death Note
- CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Pet Companion
- Shellcode – Windows/x86 – Create Administrator User – Dynamic PEB & EDT
- Creating your own AMSI Bypass using Powershell Reflection Technique
- Linux Shared Library Hijacking
Recent Comments
- Xavi on Exploit Development – Vulnserver TRUN – JMP EAX
- Merrell Vineza on Exploit Development – Vulnserver TRUN – JMP EAX
- Merrell Vineza on Exploit Development – Vulnserver TRUN – JMP EAX
- Xavi on Shellcoding Linux x86 – Bind Shell TCP – Assignment 1
- junsec on Shellcoding Linux x86 – Bind Shell TCP – Assignment 1
Archives
Categories
Meta
Author Archives: Xavi
Shellcoding Linux x86 JMP-CALL-POP technique (2/3)
Following the last article content, we are going to pop a shell instead of printing Hello World in the screen. To do this we are going to use the Execve syscall. This syscall allows us to execute a new program … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment
Shellcoding Linux x86 JMP-CALL-POP technique (1/3)
Currently I’m studying SLAE certification of Pentester Academy and I found a really interesting video that explained this technique. I’m going to follow the course instructions step by step and try to explain it here the best as I can. … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment
Introduction to Assembly
In this article I’m going to write a quick introduction to intel x86 assembly language. We are going to create a program, that is going to print a sentence in the screen. Before starting programming, we need to know a … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment
SQL Injection 4
Time to move on to time-based SQLi. Time based SQLi The process is almost the same as boolean-based. The thing that changes is the way to identify a true condition. Let’s visit level 9 of sqlilabs. The way to … Continue reading
Posted in Hacking Web
Tagged hacking, owasp, security, SQLi, web application hacking
Leave a comment
SQL Injection 3
In this article I’m going to explain step by step how you can extract information of a database using a blind boolean based SQLi vulnerability. Blind boolean based SQLi First of all we need to understand what a boolean … Continue reading
Posted in Hacking Web
Tagged hacking, owasp, security, SQLi, web application hacking
Leave a comment
SQL Injection 2
Let’s continue understanding SQL injections. This time we are going to focus on understanding how to exploit more complicated SQL injections manually. Error/Doble Query To understand Error-based SQLi, we need to start doing lesson 5 and 6 of the … Continue reading
Posted in Hacking Web
Tagged hacking, owasp, security, SQLi, web application hacking
Leave a comment
SQL Injection 1
Introduction The purpose of this post is not to teach you how to exploit a SQL Injection vulnerability, if you are just looking for that, just google sqlmap. In this article I will try to explain to you how SQL … Continue reading
Posted in Hacking Web
Tagged hacking, owasp, security, SQLi, web application hacking
Leave a comment
How to learn to hack?
I guess everyone that works in Infosec world has heard these words: “How can I learn to hack?” or “What I need to learn to be a hacker?”. There are a lot of people that are curious and wants to … Continue reading
Hello world!
Hello world! My name is Xavi 🙂 In may of 2016 I had my first Cyber Security job, but I started doing hacking stuff since I was really young. My best skills are related to Hacking, but I am also … Continue reading