,
51 tweets,
13 min read
Read on Twitter
I’m going to blog about offensive security, every day, for the next 365 days. #365DaysOfPwn
Day 1 => ROP Chain Exploit Development: ROP Emporium CTF - ret2win (64bit) link.medium.com/rv2WQjh15S
Day 2 => Write an SMPP Fuzzer link.medium.com/0aDlinzq9S
Day 3 => ROP Emporium split (64bit) link.medium.com/Rq5fAwEq9S
Day 4 => Recover Passcode (attackdefense.com) link.medium.com/9lGGRcB99S
Day 5 => ROP Chain Exploit Development - ROP Emporium callme (64bit) link.medium.com/C5PSRqvZcT
Day 6 => OSX Spy – Part 1 link.medium.com/moLet6s5dT
Day 7 => ROP Emporium write4 (64bit) link.medium.com/7saYgFBmgT
Day 8 => Fuzzing 101 with AFL link.medium.com/2prDt8BwhT
Day 9 => OSINT Twitter Phone Enumeration link.medium.com/62qBQxc9iT
Day 10 => XOR ROP - badchars (64bit) link.medium.com/hxaTNoKilT
Day 11 => Introduction to Integer Overflows & Underflows link.medium.com/x8J0lcuxmT
Day 12 => 10 Reasons Why Security Sucks link.medium.com/3vDxOV0EoT
Day 12 => Top 10 radare2 (r2) commands link.medium.com/iBDszELlqT
Day 13 => WebPwn (Automate Web Hacking)- Part 1 link.medium.com/1FSCRQ7xrT
This was actually day 13 🤦♂️
And this was actually day 14 🤦♂️
Day 15 => Simple WP Brute Force Tool link.medium.com/60zAnjLetT
Day 16 => s3 Monster (gotta get ’em all) link.medium.com/b4J4phYQuT
Day 17 => Looking for Credit Cards in Files link.medium.com/Q78owxzawT
Day 18 => Essential CTF Tools link.medium.com/pZTyKSFvyT
Day 19 => Getting Started with Frida Tools link.medium.com/y154tVHIzT
Day 20 => ping-pwn — Writing an ICMP Shell for Linux using ICMP tunnels & Scapy link.medium.com/FynbLONzBT
Day 21 => Top 10 Public Speaking Tips link.medium.com/0BxViFp5CT
Day 22 => Upload .htaccess as image to bypass filters link.medium.com/vQALNBtNET
Day 23 => Common SCADA Attacks link.medium.com/2e3hPErOGT
Day 24 => Windows Post Exploitation Shells and File Transfer with Netcat for Windows link.medium.com/HOc1hrltIT
Day 25 => Hacking like it’s 1999 (No Metasploit — Windows XP) link.medium.com/NiPlt23bKT
Day 26 => The Complete List of Windows Post-Exploitation Commands (No Powershell) link.medium.com/pAZWEPrXLT
Day 27 => Tiny SHell (SSH-like backdoor with full-pty terminal) link.medium.com/PSKpgLhdNT
Day 28 => Part 1 — Billy Gates (Writing Remote Admin Apps for Windows in C) link.medium.com/WB67FsPLOT
Day 29 => Set User ID & Environment Variable Injection (PATH & USER) for Linux Priv. Esc. link.medium.com/dWfTytXQQT
Day 30 => Abusing Cron for Privilege Escalation (Nebula Level03) link.medium.com/QhDnXwzJST
Day 31 => Blog Competition link.medium.com/ACfcDo0wTT
Day 31.1 => Symlink for the Win! (Couldn’t just post a competition, so here’s a quick one...) link.medium.com/cDM4kbDyTT
Day 32 => Stealing Secrets (like Passwords) from Windows 10 with a vanilla shell link.medium.com/3Ac6iV2NVT
Day 33 => XSS, JSON/JS Injection link.medium.com/lpIwqFvvXT
Day 34 => HackSys Extreme Vulnerable Driver link.medium.com/sYHoXKCXYT
Day 35 => XSS Payloads, getting past alert(1) link.medium.com/J1Grp64n0T
Day 36 => Hack your own NMAP with a BASH one-liner link.medium.com/XfQxRqez2T
Day 37 => Understanding Core Unix Components and their Historical Security Issues (GlibC) link.medium.com/pXjNenV53T
Day 38 => Understanding Core Unix Components and their Historical Security Issues (binutils) link.medium.com/JDiJiq6T5T
Day 39 => 420 — Automated XSS Finder by @int0x33 link.medium.com/zmvVCuDj7T
Day 40 => Privilege Escalation (Linux) by Modifying Shadow File for the Easy Win link.medium.com/FYBvaciu8T
Day 41 => Quick & Easy Vulnerability Scanning with NMAP link.medium.com/3e5v82d6aU
Day 42 => Simple Twitter Bot (Part 1) link.medium.com/lI6GONhZbU
Day 43 => Reverse Shell with OpenSSL link.medium.com/NJ90YPv5dU
Day 44 => Linux Capabilities Privilege Escalation via OpenSSL with SELinux Enabled and Enforced link.medium.com/fDNcshGIfU
Day 45 => tcpdump, a digital predator capable of giving low-level hackers god-like powers link.medium.com/z3nbNl7MgU
Day 46 => Top 3 Anti-Forensic OpSec Tips for Linux & A New Dead Man’s Switch link.medium.com/9i4p5dYOiU
