Write-up for Magic (Medium Linux) on Hack The Box! Redirect based SQL injection; Tampered php reverse shell; Dump database for user creds; exploit SUID on unsecure PATH funcmylife.fr/write-up/htb/m…

Write-up for Remote (Easy Windows) on Hack The Box! Find NFS share with credentials to log in on Umbraco (CMS); Exploit RCE on CMS; Find Team Viewer credentials and connect with WinRM funcmylife.fr/write-up/htb/r…

Hey Twitter ! I just released another slightly different blogpost. This time, small #OSINT and #GEOINT investigation, about geolocating and tracking a flight ! It was kinda fun and I learnt many things. Have fun while reading and feel free to share! FR/EN haax.fr/fr/writeups/os…

my write up for alles CTF - pwnkemon (hardware) by LiveOverflow 🔴 0xswitch.fr/CTF/alles-ctf-… given a logic analyzer output from a SPI communication between 2 game boys you had to reconstruct a pokemon exchange from generation I !

🎉The time has come to give you all access to 𝗧𝗵𝗲 𝗛𝗮𝗰𝗸𝗲𝗿 𝗥𝗲𝗰𝗶𝗽𝗲𝘀 🥳 This project is aimed at providing guides on various hacking topics : AD, web, servers, *INT, SE, physical intrusion... It's far from over but I hope you'll like it 🙏 thehacker.recipes

Admirer - Write-up - #HackTheBox blog.raw.pm/en/HackTheBox-… TL;DR: CTF-like box with a bit of code review for initial access (PHP) and EoP (python).

Write-up for Cache, medium Linux machine, on Hack The Box! Find HMS subdomain, exploit SQLi to find admin creds, exploit file upload to get a reverse shell, password reuse, retrieve password stored in memcached, exploit Docker to get root funcmylife.fr/write-up/htb/c…

Write-up for Blunder, easy Linux machine, on Hack The Box ! Find file with username, create custom wordlist with Cewl, exploit bf on Bludit, exploit CVE to get a webshell, find credz in php file, exploit sudo -u#-1 to get root funcmylife.fr/write-up/htb/b…

Writeup of HTB Blunder, a Linux easy box about web enumeration, password reuse and sudo CVE exploitation thbz.fr/writeups/htb_b…

Write-up for Tabby, easy Linux machine, on Hack The Box ! Exploit LFI to get tomcat-users.xml, send a malicious War file to get reverse shell, crack ash password through zip file, create a privileged container with LXD to get root funcmylife.fr/write-up/htb/t…

Write-up for Buff, easy Windows machine, on Hack The Box ! Exploit Unauthenticated RCE on Gym Management System 1.0 and then exploit buffer overflow vulnerability on CloudMe to get Administrator access. funcmylife.fr/write-up/htb/b…

Hey I worked on a cheatsheet after passing the OSCP, I decided to release it publicly even if it's far to be complete to motivate me to improve it even more, feel free to use it 😁 cheatsheet.remsio.com

My write up for the DGhAck hardware challenge strange thing. With a little introduction to avr reverse for Arduino! 0xswitch.fr/CTF/dghack-202…

WU for SneakyMailer, medium Linux machine on Hack The Box! Probably one of the greatest box I've solved! Perform phishing campaign, upload a reverse shell through FTP, create a malicious python package to get SSH access, exploit Pip3 to get root funcmylife.fr/write-up/htb/s…

WU for Openkeys, medium OpenBSD machine on Hack The Box ! Find swap files and bypass OpenBSD auth framework to retrieve user ssh key. Exploit xlock to privesc. funcmylife.fr/write-up/htb/o…

Just pushed the latest update to my Infosec Cheatsheet (cheatsheet.haax.fr), adding some #OSINT tools & resources + other stuff. I had too much bookmarks waiting to be reviewed! Probably the last update to end this wtf 2020 year (:

Je profite de la trend Signal pour rappeler que Duckduckgo est un moteur de recherche vraiment pratique, surtout quand on fait de l'informatique. (thread)

WU for Laboratory, easy Linux machine on Hack The Box ! Find the git subdomain and create an account, Exploit Gitlab RCE & LFI (CVE-2020-10977) to get a shell, use gitlab-rails to reset admin password, abuse path variable with local script to get root funcmylife.fr/write-up/htb/l…

Pour une bière gratuite, notre expert switch est prêt à tout 🍺 Il nous explique comment il a poncé une application #Java utilisant #JNI pour "camoufler" l'authentification. 👉 acceis.fr/frida-jni-et-8… #Frida #JNI #une86pourLucas

Vulnérabilités : P3 + P4 + P5 = P1 ou comment voler des sessions utilisateur en enchaînant plusieurs vuln à bas risque : acceis.fr/transformer-de… 🐞Défaut de configuration de l’attribut domaine des cookies > prise de contrôle de sous-domaine > redirection arbitraire d’URL > XSS🐞