A place for me to store my notes/tricks for Bug Bounty Hunting - Big Work in Progress.
Bug Bounty Cheatsheet
How I Took Over 2 Subdomains with Azure CDN Profiles
I recently was carrying out some Bug Bounty hunting on a new program and came across 2 subdomains which resolved to an unclaimed Azure CDN Profile which I was able to claim.
Win32 Buffer Overflow - SEH Overflows & Egghunters
SEH is a mechanism within Windows that makes use of a data structure/layout called a Linked List which contains a sequence of memory locations. When an exception is triggered, the OS will retrieve the head of the SEH-Chain and traverse the list, and the handler will evaluate the most relevant course of action to either close the program down gracefully or perform a specified action to recover from the exception.
Simple Win32 Buffer Overflow - EIP Overwrite
I have recently embarked on the task of understanding Buffer Overflows beyond simple Stack Overflows and I figured the best way to go about it was to go back to the start, recover Stack/Assembly principles, quickly recover simple Stack Overflows and then begin writing a blog post for each relevant area that I want to learn in greater detail.
How To Attack Kerberos 101
I want to start this article by saying I set out to learn Kerberos in greater detail and I figured that writing this would help cement my existing knowledge and give me reason to learn along the way. I am no Kerberos expert; I am simply learning as I go along and getting my head around all the different terminologies, so if you notice something amiss feel free to DM me and put me right. And if you do not understand something, feel free to drop me a DM and I will do my best to help.
Windows Notes / Cheatsheet
A place for me to store my notes/tricks for Windows Based Systems.
Bypassing 2FA For Fun With Evilginx2
I recently decided to explore phishing techniques and 2FA Bypasses to further understand how attackers are compromising accounts/networks with 2FA enabled and to further demonstrate why organisations should not solely rely on 2FA to protect their sensitive assets.
Linux Notes / Cheatsheet
A place for me to store my notes/tricks for Linux Based Systems.