This is a report I created for one of the engagements I performed recently. The goal of the engagement was to find out if there is a way to steal credit card details by using client-side vulnerabilities. Everything after this is the report as a whole. Scope of work I was engaged to perform …
Linux memory forensics – part 1
Memory forensics is a critical skill for understanding the state of a compromised system. It gives deep insight into the possible attack paths adversaries might have taken. In this post I will document ways to acquire memory from a Linux system. In the subsequent posts we will …
Nmap – Part II
In the last blog post I talked about what nmap is, how different types of host discovery and port scanning work, and how to save the nmap results in different output formats. In this post I will write about how we can use nmap to perform service enumeration and how service enumeration works under the hood. …
Nmap – Part 1
Nmap is a network utility tool which is used to enumerate hosts in the network, perform reconnaissance or information gathering, vulnerability detection, exploitation and much more. I consider it the Swiss Army knife of a network penetration tester. Information gathering is the key to a vulnerability assessment and penetration testing engagement. The more …
One hell of an IP address (Part 2)
It’s been a long time since I published my last blog post for this series. With some genuine feedback from people, I have tried my best to improve the content. The last blog post was just a gentle introduction to IP addresses from a non-technical perspective. In this blog post, we will go …
Intigriti 10k followers XSS challenge
Last week Intigriti posted an XSS challenge on Twitter. I decided to give it a look. Today, in this article, I am going to explain how I solved this challenge. Here is the code: <script> const whitelist = ['intigriti.com','intigriti.io']; var url = new URL(location.hash.substr(1)); if(whitelist.indexOf(url.hostname) > -1){ document.write("Redirecting you to " + encodeURIComponent(url.href) …