help@cyb4rgeek.xyz

+1 (512) 588 6950

Uncategorized

Home/Category: Uncategorized
The toddler’s introduction to Heap Exploitation, House of Lore(Part 4.5)
The toddler’s introduction to Heap Exploitation, House of Lore(Part 4.5) bez0x January 17, 2023

The toddler’s introduction to Heap Exploitation, House of Lore(Part 4.5)

Similarly to other heap exploitation attacks that we saw so far, the idea behind the House of Lore (HoL) is to trick malloc to return a pointer to a memory location which is con

Read More
JNDI Injection Series: RMI Vector — The Final Piece of The Puzzle
JNDI Injection Series: RMI Vector — The Final Piece of The Puzzle bez0x January 13, 2023

JNDI Injection Series: RMI Vector — The Final Piece of The Puzzle

Photo by Matt Sclarandis on Unsplash In the previous three blogs (JNDI Injection Series: RMI Vector — Fundamentals, JNDI Injection Series: RMI Vector — Dynamic Class Loadin

Read More
JNDI Injection Series RMI Vector- Insecure Deserialization
JNDI Injection Series RMI Vector- Insecure Deserialization bez0x January 08, 2023

JNDI Injection Series RMI Vector- Insecure Deserialization

Photo by Olivier Miche on Unsplash Serialization refers to a process of converting an multi-dimensional object into a flattened format which can be persisted to disk or sent ov

Read More
Exploring the World of ESI Injection
Exploring the World of ESI Injection bez0x January 03, 2023

Exploring the World of ESI Injection

Heyyy Everyoneee, In this write-up, I will be sharing my findings related to ESI (Edge Side Include) Injection which I and my friend nytr0gen found on a Private bug bounty prog

Read More
👩‍💻IW Weekly #40: Open Redirection Vulnerability, Misconfigured Jira, Bugs in Red Bull, ChatGPT for Security, OSCP Guide for Beginners, Bypass Authentication
👩‍💻IW Weekly #40: Open Redirection Vulnerability, Misconfigured Jira, Bugs in Red Bull, ChatGPT for Security, OSCP Guide for Beginners, Bypass Authentication bez0x January 02, 2023

👩‍💻IW Weekly #40: Open Redirection Vulnerability, Misconfigured Jira, Bugs in Red Bull, ChatGPT for Security, OSCP Guide for Beginners, Bypass Authentication

Image by the author Disclosing this vulnerability in Google Smart speakers bagged the author a bounty of $100k 😲 Hey 👋 Welcome to the #IWWeekly40 — the Monday newslet

Read More
JNDI Injection Series: RMI Vector — Dynamic Class Loading From Remote URL
JNDI Injection Series: RMI Vector — Dynamic Class Loading From Remote URL bez0x December 29, 2022

JNDI Injection Series: RMI Vector — Dynamic Class Loading From Remote URL

https://unsplash.com/photos/zxLFkqDtG08 We have introduced fundamentals about RMI system in the previous blog. In this blog, we will move on to see how RMI can be exploited to

Read More