Exploiting Insecure Deserialization bugs found in the Wild (Python Pickles) This blog post was written by Ian Musyoka. Introduction Serialization is the process of converting an object into a byte stream so that It can be loaded elsewhere or stored in a database or file. Python is used in [...]
EXPLOITIING INSECURE DESERALIZATION VULNERABILITIES FOUND IN THE WILD This blog post was written by Ian Musyoka. Introduction Deserialization is the process of converting a byte stream back into an object so that it can be used by the web application the way it was intended. The [...]
PDF CRACKING WITH CLOUD COMPUTING This blog post was written by Varun Gupta. Introduction Hashcat is a popular password cracker and designed to break even the most complex password representation. To do this, it enables the cracking of a specific password in multiple ways, combined with versatility [...]
CREATING BADUSB USING ATTINY85 This blog post was written by Varun Gupta. Introduction BadUSB is any USB device that was programmed (or reprogrammed) specifically to emulate a keyboard by sending a predetermined sequence of key press events to a computer in order to complete a task, which [...]
Linux Privilege Escalation Techniques via SUIDs This blog post was written by Dharmik Karania. Introduction SUID Overview. What is SUID? SUID is Set User ID. This has to do with permission settings. If we look at ls -la, we can see we have, RWX (Read, Write, Execute) and some have [...]
