Following what I mentioned in my previous post, I went to my electronics bin and gathered a Logitech Wireless mouse (M185) and a USB cable. […]
Make HID great again
Since ever I’ve been using HID devices on red-team assessments at Char49 – specially using Rubber Ducky and latelly with Cactus WHID. I wanted to […]
My notes on Hacking BLE – list of resources
In the last few weeks I went for a drive into the Bluetooth Low Energy (aka BLE) topic. There are many articles on the web […]
Meter HTML5 XSS filter bypass
I was playing around with some new HTML5 features and noticed a funny one. Meter gives you a cool progress bar on-the-fly – https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meter Immediately […]
201 event handlers supported by modern browsers
https://twitter.com/0x6D6172696F/status/680727929094041600
Why some vendors ignore RFD attacks?
Since I published my Reflected File Download Cheat Sheet I’m getting lot’s of private messages and emails from security researchers and bounty hunters telling that […]
XSS on a input hidden field
…where you have the input sanitized for ‘<> chars. I come across a web application on a bounty program where the returnurl was placed in […]
Should bug hunters provide real personal data on bug appreciation programs?
That’s a question that sometimes comes in mind of many “hunters”. Personally in most cases, when I participate on these programs, I use fake information […]
Tiny XSS exploitation
A well-known website had a limit of 32 chars on the user name field that was reflected in the public profile area. That field allowed […]
Detect the latest Joomla! SQL Injection vulnerability online
SecureLayer7 released a online scanner for the Joomla 3.4.4 Core SQL injection Vulnerability. Check it out http://joomlatest.securelayer7.net/