INFOSEC Make WordPress Pingback Great Again DoS Amplification and CDN/Load Balancer/WAF bypass. This article aims to show you how a number of ways you can collect WordPress pingback.
TECHNICAL BugPoC XSS Challenge Writeup Bypassing Content-Security-Policy and escaping an iframe sandbox.
INFOSEC Advanced boolean-based SQLi filter bypass techniques Learn how to bypass filters and Application Firewall rules using MySQL String Functions, Regex Functions, Conditional Select and Set Variables to exploit a blind (boolean-based) SQL Injection vulnerability.
TECHNICAL XSS: Arithmetic Operators & Optional Chaining To Bypass Filters & Sanitization How to use JavaScript Arithmetic Operators and Optional Chaining to bypass input validation, sanitization and HTML Entity Encoding.
TECHNICAL How To Bypass CSP By Hiding JavaScript In A PNG Image Hide a malicious JavaScript library in a PNG image and tweet it, then include it in a vulnerable website by exploiting a XSS bypassing its Content-Security-Policy (CSP).
TECHNICAL ModSecurity Denial of Service Details and PoC CVE-2019-19886 Security researcher Andrea Menin tells us the story of vulnerabilities he found in libModSecurity.
JavaScript Malware Targeting WordPress Infosec researcher Andrea Menin returns with a technical breakdown of Javascript malware targeting Wordpress installs.
TECHNICAL Abusing PHP query string parser to bypass IDS, IPS, and WAF Learn how IDS, IPS, and WAFs are vulnerable because of the design limitations of the PHP query string parser.
TECHNICAL Bypass XSS filters using JavaScript global variables In this article, theMiddle discusses the many possibilities to exploit a reflected (or even stored) XSS when there are filters or WAF's protecting the website.
TECHNICAL DNS over HTTPS (+ModSecurity WAF) One of the problems with DNS is that a query is sent over an unencrypted connection, anyone listening to the packets knows the websites you visit.
TECHNICAL Uncover Infected Website Visitors Using Content Security Policies Security researcher Andrea Menin discovered that thousands of his website visitors were infected by using a content security policy.
TECHNICAL How To Exploit PHP Remotely To Bypass Filters & WAF Rules Learn about the possibilities that PHP gives us to exploit and execute code remotely in order to bypass filters, input sanitization, and WAF rules.
CTF Apache Struts2 CVE-2018-11776 POC Learn about the Struts2 Remote Code Execution vulnerability CVE-2018-11776, how to exploit and how to create a Proof of Concept (POC) with docker.
TECHNICAL Web Application Firewall (WAF) Evasion Techniques #3 Uninitialized Bash variable to bypass WAF regular expression based filters and pattern matching. Let's show it can be done on CloudFlare WAF and ModSecurity OWASP CRS3
TECHNICAL DNSBL: Not just for spam Security practitioner Menin_TheMiddle is using DNS to stop botnet, spammers and anonymous traffic with Nginx, Lua and DNSBL. Find out how.
CYBERSEC AppArmor: Say Goodbye to Remote Command Execution. How to kill RCE and RFI directly on the php-fpm process. Let's do a test exploiting Drupalgeddon2.
