An authenticated user with api.webhooks.write permission can create a webhook whose url field passes FILTER_VALIDATE_URL with file://, dict://, or gopher:// schemes. At dispatch time, curl_init() i...
Jul 16 2026-07-16T03:05:38+03:00
The regex_replace filter and function are allowlisted in Grav’s Twig content sandbox. When Twig processing in page content is enabled security.twig_content.process_enabled: true, authenticated page...
Jul 16 2026-07-16T03:05:38+03:00
During a security review of Grav CMS authentication logic, I discovered that the password reset workflow could be manipulated through unsafe URL resolution. This allowed an attacker to influence th...
Jul 14 2026-07-14T01:23:38+03:00
This is the part two of android pentest, part one documentation is found here. In this document I will show how to intercept android application traffics using burpsuite. In previous post I show...
Jul 21, 2024 2024-07-21T22:23:38+03:00
Mobile application penetration test is similar to web application pentest but it can sometimes be trick to set an environment to perform this action. In this post I will share all necessary steps r...
Mar 9, 2024 2024-03-09T02:41:31+03:00
This is Hackthebox medium Linux machine implemented in NextJS technology with api. This box requires much of enumeration with proper payloads and wordlists in order to get proper responses. I will...
May 13, 2023 2023-05-13T14:49:38+03:00
This is hackthebox Windows machine rated hard, with interesting cool way of exploitation start from leaking hashes, password spraying to more privileged users for system account I will demonstrate ...
May 6, 2023 2023-05-06T15:23:38+03:00
This is hackthebox Windows machine with outdated installed software which results to remote code code execution which i will use it to get user account and then kernel unpatched issues which i will...
Apr 6, 2023 2023-04-06T15:23:38+03:00
As I was learning Cyber Threat Intelligence I chose Open CTI as demo tool while taking this path, and these were my installation steps which I followed while configuring it. In this document I will...
Feb 22, 2023 2023-02-22T18:55:00+03:00
This is hackthebox easy rated machine designed to show the command injection for the user access and path injection knowledge for the root user. In this box i will show different ways of how to be ...
Feb 11, 2023 2023-02-11T18:30:00+03:00