Skip to main content

Recently Updated Pages

Cache Poisoning

What is it ? Cache poisoning was popularized in 2018, although this attack existed long before, ...

Reverse shells

Listener Avant tout reverse shell, il faut mettre en place le listener, qui va écouter un port e...

Contact

Pour toutes questions, veuillez nous contacter à : contact[@t]hideandsec[d0t].sh.

CrackMapExec

ENUMERATION Réseau crackmapexec smb 192.168.1.0/24 Shares cme smb 10.0.0.0 -u UserName -p 'PA...

Spawning TTY Shells

Shell Spawning Python python -c 'import pty; pty.spawn("/bin/sh")' python3 -c 'import pty; pty...

Système des capabilities Linux

Introduction et principes généraux des Capabilities Lorsque l’on veut lancer un processus avec c...

Passons à la pratique!

Première phase de l'exploitation Nous allons desormais nous appuyer sur le programme précédement...

Brève introduction

Tout d'abord qu'est ce qu'un buffer overflow? Et à quoi ça sert? Les buffer overflow sont des fa...

Premier exploit

Premier exploit Maintenant que vous avez vu comment modifier la sauvegarde d'EIP d'une fonction ...

Zipper (Hard)

Ce que vous allez apprendre : API vers RCE De la magie pour obtenir un shell stable Abus des...

Zipper (Hard)

What you will learn: API to RCE Funky shell magic to get a stable environment Abusing SUID ...

Contact

Please contact us at : contact[at]hideandsec[d0t].sh If you have any question regarding our writ...

HideAndSec

We are a group of cybersecurity enthusiasts interested in various areas including software securi...

SSRF Bypass (Part 2 SSRF Series) [incomplete]

What can we do with SSRF? SSRF to reflection XSS Try to use URL to access internal resources an...

CSP in a CTF Context (Part 4 CSP Series)

Common attack surface script-src : script: only trust the current domain nameobject-src : Do not...

CSP Bypass (Part 2 CSP Series) TODO

SSRF in a CTF Context (Part 4 SSRF Series)

Common attack surface Port scanning can be performed on the external network, the internal netwo...

CSP Prevention (Part 3 CSP Series)

CSP is especially important for your users: they no longer need to be exposed to any unsolicited ...

CSP Intro (Part 1 CSP Series)

CSP (Content Security Policy) is there / in-place to mitigate some attacks, such as xss, csrf. It...

SSRF Prevention (Part 3 SSRF Series)

How to prevent SSRF It is easier to filter the returned information and verify the response of t...