had my first lil taste of gdb today(again) this is where my rev eng journey really started. sure I could have pulled the password with strings, but did it the hard way in gdb tomorrow comes the fun part binary patching skipping strcmp and jumping straight past the password check

todays mission get a output of "Correct Password" without entering the correct password so which clearly means we are doing binary patching. so for that I got 2 options Hex editor is 1st as our jne opcode is usually 75 xx converting to 90 90 which is NOP NOP so we jump

how I calculate all this bitch ass offset ? at first I did some cheating and did objdump -d crackme > binary.asm and then grep out the jne which mean if not equal, jump to fail message. so as I already got the VA by this I used readelf -S crackme for it and calculate the offset

Weekly bug bounties, monthly internal testing… yet a single phishing email can still bypass it all. But the best part is they noticed it and fixed it way fast and the support is really good. github.com/debug-js/debug…

I just pwned Planning on Hack The Box! labs.hackthebox.com/achievement/ma… #HackTheBox #htb #CyberSecurity #EthicalHacking #InfoSec #PenTesting

Morning streaming! just making that constancy man, I need more time to come on the track then will go into the wild again, until then I want to pressurize my mind. today maybe I will start again with the cloud sec SO its worth it to make a use of early morning.

alright guys!!! we got 106 Days to go, this is the Endgame.

>npm run dev

You need education to earn money. But to get an education, you need money. To get a job, experience is required. But to gain experience, a job is required.

privacy :)

I just completed PentesterLab's unix badge!!!

I just completed PentesterLab's HTTP Badge!!!

Unemployed again! let’s go I left my job today. Why? Because I felt it was holding me back. After a lot of thinking and reflection I finally made this decision. idk yet if this is correct decision or not but lets see 2025 is not going to end like this.

Sometimes the easiest way to break things is to look for the errors in the applications. I got hit with: You can’t add more than 2 emails with the same domain. Time to break it? Hell yeah. How? A simple race condition.

I can't go back.

Write-up on how to find criticals. Enjoy

Introducing Dorkrunner 🏃🏼‍♂️💨 Let me know what else I can add to make it even cooler. GitHub: github.com/freyxfi/DorkRu…

I’ll share this exact Excel sheet at the end of the year :) Let’s see how it goes.

I kept wasting time downloading cool wallpapers… so I automated it. Built HavenFetch a small script with tons of features to fetch insane wallpapers straight from Wallhaven. check out : github.com/freyxfi/HavenF… Thanks to the Wallhaven API <3

Guysssssssss Let me cook