Security (57)
- Decidim: Stored XSS in embedded URLs for Decidim Meetings (20 Nov 2024 | Tags: Programming, Web, Security, Ruby, Rails, CVE)
- Decidim-Awesome: SQL Injection in AdminAccountability (20 Nov 2024 | Tags: Programming, Web, Security, Ruby, Rails, CVE)
- AttackMate A modern open source tool for automating cyberattack (17 Nov 2024 | Tags: AttackMate, Security, News)
- BalCCon2k24 was amazing (24 Sep 2024 | Tags: Security, ccc, Event, News)
- FIWARE Keyrock: Command Injection in Organisationname (12 Aug 2024 | Tags: Programming, Web, Security, CVE)
- FIWARE Keyrock: Command Injection in Applicationname (12 Aug 2024 | Tags: Programming, Web, Security, CVE)
- FIWARE Keyrock: Activation of any new user (12 Aug 2024 | Tags: Programming, Web, Security, CVE)
- FIWARE Keyrock: Deactivate 2-factor-auth of any user (12 Aug 2024 | Tags: Programming, Web, Security, CVE)
- FIWARE Keyrock: Manipulate passwords of any user (12 Aug 2024 | Tags: Programming, Web, Security, CVE)
- Contributing a Metasploit Exploit (12 Nov 2023 | Tags: Security, Programming, Ruby)
- Fireshonks 2022: Logrotten (02 Jan 2023 | Tags: logrotate, Security, News)
- BSidesVienna 2022: Logrotten. (19 Nov 2022 | Tags: logrotate, Security, News)
- SexyPolling SQL Injection (18 Apr 2022 | Tags: PHP, Programming, Web, Security, CVE)
- ForkCMS PHP Object Injection (CVE-2020-24036) (02 Mar 2021 | Tags: PHP, Programming, Web, Security, CVE)
- QCubed Cross Site Scripting (CVE-2020-24912) (02 Mar 2021 | Tags: PHP, Programming, Web, Security, CVE)
- QCubed SQL Injection (CVE-2020-24913) (02 Mar 2021 | Tags: PHP, Programming, Web, Security, CVE)
- QCubed PHP Object Injection (CVE-2020-24914) (02 Mar 2021 | Tags: PHP, Programming, Web, Security, CVE)
- Offensive Security Web Expert(OSWE) (13 Jul 2020 | Tags: Security, News, Certification)
- Creative Contact Form: Directory Traversal (CVE-2020-9364) (09 Mar 2020 | Tags: Programming, Security, CVE)
- OpenVPN: updating /etc/resolv.conf (26 Dec 2019 | Tags: Linux, Programming, Sysadmin, Bash, openssl, Security, Tricks, Downloads)
- BSides 2019: Code diving for pop chains (11 Dec 2019 | Tags: Programming, Security, News)
- OkayCMS: Unauthenticated remote code execution (02 Dec 2019 | Tags: Programming, Security, Web, CVE)
- FreeRadius: Privilege Escalation via Logrotate (02 Dec 2019 | Tags: Programming, Sysadmin, C, Security, CVE, logrotate)
- I "tried harder" and passed another exam (10 Nov 2019 | Tags: Security, News, Certification)
- CVE-2019-15741: Privilege Escalation via Logrotate in Gitlab Omnibus (04 Oct 2019 | Tags: Linux, Programming, Sysadmin, Security, git, CVE, logrotate)
- Privilege escalation in groonga-httpd (CVE-2019-11675) (07 May 2019 | Tags: Linux, Programming, Sysadmin, C, Security, Debian, CVE, logrotate)
- Anatomy of a Linux container rootkit (07 May 2019 | Tags: Linux, Programming, C, Docker, Security, Kernel)
- Details of a logrotate race-condition (01 May 2019 | Tags: Linux, Programming, Sysadmin, C, Security, logrotate)
- Abusing a race condition in logrotate to elevate privileges (14 Jan 2019 | Tags: Programming, Sysadmin, C, Security, logrotate)
- I "tried harder" and passed the exam (08 Jan 2019 | Tags: Security, News, Certification)
- What the hack is "E-Brief" (08 Dec 2018 | Tags: Security, News)
- Full Disclosure: Remote-Command-Execution in PHKP (08 Oct 2018 | Tags: Programming, Sysadmin, Security, CVE)
- cryptorecord 0.9.2 released (17 May 2018 | Tags: Programming, Security, Crypto, Network, Ruby, Downloads, Download)
- Postfix: verified TLS with DANE (14 May 2018 | Tags: Linux, Mail, Sysadmin, Security, Email, Crypto)
- Thoughts about DNSsec (08 May 2018 | Tags: Sysadmin, Security, Crypto, Network)
- Suricata: stack-based buffer-overflow in ParseFilename (06 Apr 2018 | Tags: Security, Suricata)
- Remote-Code-Execution in Suricata-Update (06 Apr 2018 | Tags: Security, Suricata, CVE)
- OpenElec: CVE-2017-6445 revisited (25 Jun 2017 | Tags: Security)
- Dangerous remote Linux-Kernel bug(CVE-2016-10229) discovered (14 Apr 2017 | Tags: Security, External)
- Nasty Cisco bug discovered (20 Mar 2017 | Tags: Security, News, External)
- OpenElec: Remote Code Execution Vulnerability through Man-In-The-Middle(CVE-2017-6445) (03 Mar 2017 | Tags: Security, OpenElec, CVE)
- Apaches "File-Extension-Feature" (01 Feb 2017 | Tags: Security, apache)
- Privilege Escalation in VirtualBox (CVE-2017-3316) (26 Jan 2017 | Tags: Security, Virtualization, CVE)
- Utility to query certificate-transparency-database (13 Jan 2017 | Tags: Security, Tricks, Crypto, External)
- Exploiting Recursion in the Linux Kernel (15 Aug 2016 | Tags: Linux, Security, External, Kernel)
- Using ssh-keygen (08 Jul 2016 | Tags: Linux, Sysadmin, Security, Tricks, Shell)
- End-To-End-Encryption for messengers (03 Jun 2016 | Tags: Security, Crypto)
- Shorewall: setup Geo-IP filtering (06 Apr 2016 | Tags: Linux, Sysadmin, Security, Network, Firewall, Toscom)
- Lets Encrypt this blog... (19 Mar 2016 | Tags: Security, Crypto, News, Blog)
- Static arp-cache on dhcp-servers (13 Feb 2016 | Tags: Linux, Sysadmin, Security, Tricks, Network)
- Route to nowhere - Blocking attackers using Nullroutes (04 Feb 2016 | Tags: Linux, Sysadmin, Security, Network, Firewall)
- Check /etc/shadow for accounts with empty passwords (11 Jan 2016 | Tags: Linux, Sysadmin, Security, Tricks)
- Firewall Evasion-Techniques (18 Sep 2015 | Tags: Linux, Sysadmin, Security, Firewall)
- Sophos Virus-Scan is now free (30 Jun 2015 | Tags: Linux, Sysadmin, Security, Virus)
- Debian Jessie: nrpe without command-args (28 May 2015 | Tags: Linux, Nagios, Sysadmin, Debian, Security)
- Logjam (Attacks against Diffie-Hellman) (21 May 2015 | Tags: Sysadmin, Crypto, Security)
- check-script for zonetransfers (16 Dec 2014 | Tags: Sysadmin, One-Liner, Security)