Development and infosec stuff!

Enjoy!
A real-life case of XSS and other web concepts
Hello folks, I would like to share with you a practical case of reflected XSS while i was looking at...
posted on Tuesday, July 25, 2017 in web  
Fingerprint Web Application static files
Hello infosec people, Today i would like to share with you the first version of a script i wrote to...
posted on Monday, June 5, 2017 in web  
SLAE Assignment 7 - Custom crypter
Student SLAE - 891 Github: https://github.com/phackt/slae http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Assignment 7: Our Goal: Create a custom crypter Free to use any existing...
posted on Sunday, April 30, 2017 in certification  
SLAE Assignment 6 - Polymorphic shellcodes
Student SLAE - 891 Github: https://github.com/phackt/slae http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Assignment 6: Our Goal: Take up 3 shellcodes from Shell-Storm and create polymorphic...
posted on Saturday, April 29, 2017 in certification  
SLAE Assignment 5.3 - Msfvenom linux/x86/chmod shellcode Analysis
Student SLAE - 891 Github: https://github.com/phackt/slae http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Assignment 5.3: Our Goal: Take up at least 3 linux/x86 shellcodes using Msfpayload...
posted on Wednesday, April 26, 2017 in certification  
SLAE Assignment 5.2 - Msfvenom linux/x86/read_file shellcode Analysis
Student SLAE - 891 Github: https://github.com/phackt/slae http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Assignment 5.2: Our Goal: Take up at least 3 linux/x86 shellcodes using Msfpayload...
posted on Tuesday, April 25, 2017 in certification  
SLAE Assignment 5.1 - Msfvenom linux/x86/exec shellcode analysis
Student SLAE - 891 Github: https://github.com/phackt/slae http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Assignment 5.1: Our Goal: Take up at least 3 linux/x86 shellcodes using Msfpayload...
posted on Monday, April 24, 2017 in certification  
SLAE Assignment 4 - Encoding/Decoding Shellcode
Student SLAE - 891 Github: https://github.com/phackt/slae http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Assignment 4: Code is available on my github repo. Our Goal: Create a...
posted on Sunday, April 23, 2017 in certification  
SLAE Assignment 3 - Egg hunter
Student SLAE - 891 Github: https://github.com/phackt/slae http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Hello everybody, So here we are for the third part of our shellcodes...
posted on Friday, April 21, 2017 in certification  
SLAE Assignment 2 - TCP Reverse Shellcode
Student SLAE - 891 Github: https://github.com/phackt/slae http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Hello everybody, So here we are for the second part of our shellcodes...
posted on Wednesday, April 19, 2017 in certification  
SLAE Assignment 1 - TCP Bind Shellcode
Student SLAE - 891 Github: https://github.com/phackt/slae http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/ Hello everybody, Here we are for a new set of posts dealing with...
posted on Thursday, April 13, 2017 in certification  
MITM, HSTS, and plain HTTP landing page in practice
Hi everybody, I already wrote some articles talking about the importance of implementing the HTTP Strict Transport Security (HSTS) and...
posted on Monday, March 27, 2017 in mitm  
Moria boot2root machine
Hello everyone, This time i would like to share with you a write-up about the Moria’s VM. Big up to...
posted on Tuesday, March 21, 2017 in ctf  
Hacking Training
Hello everyone, Un petit article aujourd’hui pour parler des plateformes d’entrainement à l’infosec que j’ai pu trouver jusqu’à présent. Tous...
posted on Monday, March 6, 2017 in general  
Format String with GDB
Salut à tous, Aujourd’hui un petit article qui traitera d’un cas simple de Format String où nous exploiterons un buffer...
posted on Tuesday, February 28, 2017 in binary  
OSCP: hautement addictif
Hello les ninjas, Premier article de l’année, cependant ces derniers mois furent bien remplis avec le passage de l’OSCP. J’en...
posted on Friday, February 17, 2017 in certification  
Passive Gathering Information - Netcraft and Shodan
Bonjour à tous, Aujourd’hui nous parlerons de la prise d’empreinte passive et des plateformes netcraft et shodan. La prise d’empreinte...
posted on Monday, December 5, 2016 in fingerprint  
Dyn DNS DDOS
Bonjour à tous, Peut être avez-vous tenté vendredi dernier (21 octobre 2016) d’accéder à certains de vos sites ou services...
posted on Sunday, October 23, 2016 in general  
HTTP Proxying with Mitmproxy
Bonjour à tous, Pour faire suite à l’article que j’avais rédigé sur une attaque MITM redirigeant vers un site web...
posted on Saturday, October 1, 2016 in mitm  
Anonymat avec TOR et Proxychains sous Kali
Salut à tous, Après m’être demandé comment lancer toutes mes commandes derrière un proxy SOCKS pour masquer mon ip (certaines...
posted on Saturday, September 17, 2016 in web  
Phishing d'un site web avec attaque MITM
Hi Everybody, Je me suis dit qu’il était intéressant de partager avec vous un petit script Bash que j’ai créé...
posted on Thursday, September 8, 2016 in mitm  
XSS, CORS, CSRF (Partie 3)
Les requêtes Cross-Site. Bienvenue dans ce dernier volet de notre Saga XSS (partie 1, partie 2). Dans notre précédent article...
posted on Saturday, August 20, 2016 in web  
XSS, CORS, CSRF (Partie 2)
XSS et vol de cookies par la pratique. Vous reprendrez bien un cookie ? Dans le premier volet de notre...
posted on Monday, August 15, 2016 in web  
XSS, CORS, CSRF (Partie 1)
Le XSS, CORS, CSRF… Késako? Que se cache-t-il derrière ces acronymes barbares ? Bienvenue dans cette saga qui traitera des...
posted on Tuesday, August 9, 2016 in web  
Introduction au SIEM
SIEM, le monitoring de la sécurité Nous avons vu dans un précédent article quel était le contexte réglementaire de la...
posted on Friday, August 5, 2016 in general  
Introduction à la cybersécurité
Cybersécurité, un enjeu bien réel Quels sont ses objectifs et pourquoi manifeste-t-on aujourd’hui un tel engouement pour ce secteur ?...
posted on Sunday, July 31, 2016 in general