Linux memory forensics – part I

Memory forensics is a critical skill for understanding the state of a compromised system. It gives deep insight into the possible attack paths adversaries might have taken. In this post I will document ways to acquire memory from a Linux system. In the subsequent posts we will …

Nmap – Part II

In the last blog post I talked about what nmap is, how different types of host discovery and port scanning work, and how to save the nmap results in different output formats. In this post I will write about how we can use nmap to perform service enumeration and how service enumeration works under the hood. …

Nmap – Part I

Nmap is a network utility tool which is used to enumerate hosts in the network, perform reconnaissance or information gathering, vulnerability detection, exploitation and much more. I consider it the Swiss Army knife of a network penetration tester. Information gathering is the key to a vulnerability assessment and penetration testing engagement. The more …

Intigriti 10k followers XSS challenge

Last week Intigriti posted an XSS challenge on Twitter. I decided to give it a look. Today, in this article, I am going to explain how I solved this challenge. Here is the code: <script> const whitelist = ['intigriti.com','intigriti.io']; var url = new URL(location.hash.substr(1)); if(whitelist.indexOf(url.hostname) > -1){ document.write("Redirecting you to " + encodeURIComponent(url.href) …