March 13, 2016

Social Media Login Vulnerability

This article covers things I missed during an implementation of social media login feature for a web application with Facebook and Google+. Both vulnerabilities are reported by a bounty hunter...

January 23, 2016

A Web Agency's Vulnerable Website

This article covers a company profile website. The company is owned by a friend of mine. He runs a web agency, offering his clients custom applications based on a CMS...

December 31, 2015

VulnHub FristiLeaks Writeup

This is a writeup for VulnHub’s FristiLeaks: 1.3 challenge. Host and Service Discovery I don’t think that we really need to cover this, as the IP address of the host...

December 17, 2015

Frekwenza: Another Ruby TF-IDF Gem

One of the personal projects I was working on a few months ago has text processing in it. I needed to classify text messages into several groups depending on what...

December 05, 2015

VulnHub Freshly Solution

This is my solution for VulnHub’s Freshly challenge. Host and Service Discovery I started by finding the host’s IP address in my local network. $ arp -v Address HWtype HWaddress...