24 October 2023

Customizing Sliver – Part 3

In this third and final post […]

24 October 2023

Customizing Sliver – Part 2

Hello! This is the second part […]

24 October 2023

Customizing Sliver – Part 1

Lately I’ve been conducting research into […]

30 August 2023

Extending Burp Suite for fun and profit – The Montoya way – Part 4

Setting up the environment + Hello […]

19 July 2023

Extending Burp Suite for fun and profit – The Montoya way – Part 3

Setting up the environment + Hello […]

5 July 2023

Extending Burp Suite for fun and profit – The Montoya way – Part 2

Setting up the environment + Hello […]

5 July 2023

Extending Burp Suite for fun and profit – The Montoya way – Part 1

-> Setting up the environment + […]

13 June 2023

Pentesting Xamarin Android apps: DLLs and root check bypass

In this article, I’ll show how […]

27 February 2023

Abusing Maven’s pom.xml

Apache Maven is a well-known tool […]

21 December 2022

A journey into IoT – Unknown Chinese alarm – Part 4 – Internal communications

Disclaimer: as many other security researchers […]

7 September 2022

Groovy Template Engine Exploitation – Notes from a real case scenario

Java web applications are far from […]

22 August 2022

Useless path traversals in Zyxel admin interface (CVE-2022-2030)

During our analysis of Zyxel’s device […]