David Sopas – Security Researcher

I hack and I love it!

Category: Tips and Tricks

Gone in 30 seconds – a HID cable story tale

  • Hardware
  • Tips and Tricks
Posted on December 27, 2019

Following what I mentioned in my previous post, I went to my electronics bin and gathered a Logitech Wireless mouse (M185) and a USB cable. […]

Make HID great again

  • Hardware
  • Tips and Tricks
Posted on December 19, 2019

Since ever I’ve been using HID devices on red-team assessments at Char49 – especially using Rubber Ducky and lately with Cactus WHID. I wanted to […]

My notes on Hacking BLE – list of resources

  • Papers
  • Tips and Tricks
Posted on September 30, 2017 (updated December 18, 2018)

In the last few weeks I went for a drive into the Bluetooth Low Energy (aka BLE) topic. There are many articles on the web […]

Meter HTML5 XSS filter bypass

  • Tips and Tricks
Posted on January 11, 2017 (updated January 13, 2017)

I was playing around with some new HTML5 features and noticed a funny one. Meter gives you a cool progress bar on-the-fly – https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meter Immediately […]

201 event handlers supported by modern browsers

  • Tips and Tricks
Posted on January 14, 2016

https://twitter.com/0x6D6172696F/status/680727929094041600

Why some vendors ignore RFD attacks?

  • Interesting Readings
  • Tips and Tricks
Posted on January 6, 2016

Since I published my Reflected File Download Cheat Sheet I’m getting lots of private messages and emails from security researchers and bounty hunters telling that […]

XSS on a input hidden field

  • Tips and Tricks
Posted on December 14, 2015

…where you have the input sanitized for ‘<> chars. I came across a web application on a bounty program where the returnurl was placed in […]

Should bug hunters provide real personal data on bug appreciation programs?

  • Bug Bounty
  • Interesting Readings
  • Tips and Tricks
Posted on November 27, 2015

That’s a question that sometimes comes to the mind of many “hunters”. Personally, in most cases, when I participate in these programs, I use fake information […]

Tiny XSS exploitation

  • Tips and Tricks
Posted on November 9, 2015

A well-known website had a limit of 32 chars on the user name field that was reflected in the public profile area. That field allowed […]

Detect the latest Joomla! SQL Injection vulnerability online

  • Tips and Tricks
Posted on October 26, 2015

SecureLayer7 released an online scanner for the Joomla 3.4.4 Core SQL injection vulnerability. Check it out: http://joomlatest.securelayer7.net/
