Published inInfoSec Write-upsHow to register and publish a CVE for your awesome vulnerabilityCommon vulnerabilities and exposures allow the security community to see issues associated with the current product version and see if…Jan 28, 2021Jan 28, 2021
CRTO (Certified Red Team Operator)Recently I completed the Certified Red Team Operator certification by Zero-Point Security. Overall my experience for this certification…Jan 28, 2021Jan 28, 2021
Published inInfoSec Write-upsExploiting ILIAS learning management systemOn one lonely Saturday evening I got really bored so I picked some random application to look at. This application was ILIAS learning…Nov 3, 2020Nov 3, 2020
Published inInfoSec Write-upsData exfiltration over DNS with Remote Code ExecutionSome time ago I ran into an issue where I needed to exfiltrate data over DNS because all of the other options were blocked. An important…Mar 31, 2020Mar 31, 2020
Published inInfoSec Write-upsReflected XSS on microsoft.com subdomainsMicrosoft replied that this is out of scope of their security program as well as not deemed this as a security vulnerability at all, so I…Mar 19, 20203Mar 19, 20203
Published inInfoSec Write-ups5 tips to complete OSWE (Offensive Security Web Expert)I have noticed a lack of reasonable tips for OSWE so I would like to share 5 from my personal experience on how to better prepare for the…Mar 18, 2020Mar 18, 2020
