Collection of code snippets/templates I’ve either developed or used on some occasion that may become useful during AWAE.
Post mainly revolves around going beyond basic XSS payloads and utilising external Js to further our attack. XMLHttpRequest examples will likely come in hand...
Short post outlining a technique used on a recent engagement where I was tasked with gaining domain admin privs starting from an unauthenticated standpoint.
Collection of notes regarding Android application analysis and testing.
Collection of information and tools for Azure configuration reviews and security testing.
Collection of simple/handy commands and my .tmux.conf.