bugpoc Solving BugPoC XSS Challenge Hi, this is my write-up for the BugPoC XSS challenge. I will try to walk you through the process from reading the JavaScript and discovering the vulnerability to analyzing the
frida Getting Started with Frida : Hooking a Function and Replacing its Arguments Getting started with Frida.
xss Go Local : Solving Intigriti 3rd XSS Challenge A few hours ago Intigriti posted their third XSS challenge; the solution of the challenge is a little different than your typical XSS challenges. In this write-up I will try
Ghidra An Hour with Ghidra : The Good and The Ugly So, the NSA decided to release their reverse engineering tool named Ghidra. I did have some time to play with it, and to be honest I was really impressed it's
upnp UPNP Attacks : Hello Old Friend Update : I don't have complete evidence that the attacks were UPNP attacks except from the hacker's page about the attack and some news websites, however, until a firm confirmation
AFL AFL / WinAFL Tips and Tricks Hi there, as you all know there are so many tutorials online explaining how to use AFL, some of them introduce some really cool tricks that help AFL or
bugbounty How I Discovered XSS that Affects around 20 Uber Subdomains Hi again, welcome to my first bug bounty write-up. I don't do bug bounty that much, especially web bug bounties, but it started to interest me lately so I decided
Hacking Building a Feedback Driven Fuzzer - Dev Log 4 : GUI is Here Note: If you haven't read previous posts about the fuzzer, I recommend you read them here Hi There, It has been a while since I posted about my fuzzer, I
openvpn Using ShadowSocks to Bypass OpenVPN Restrictions (Works in Egypt) Hello again, another post that is not related to my fuzzer since I am kinda busy with other stuff these days. Disclaimer : This post assumes you have a machine on
patreon Patreon : Make sure to bill upfront or your content can be accessible for free Hi there, this is a quick post until I have something to add in my fuzzer series or the new series I am currently preparing ;) A while ago one of
Hacking Building a Feedback Driven Fuzzer - Dev Log 3 : Radamsa Integration Hello again, we are back with our third devlog, today we will talk about how I integrated radamsa as my mutation engine. My first attempt at this was by forking
Hacking Building a Feedback Driven Fuzzer - Dev Log 2 : Coverage Hello again, so today we will talk about how I calculate coverage by counting the basic blocks that get executed. A very easy way to do it is to use
Hacking Building a Feedback Driven Fuzzer - Dev Log 1 Feedback driven fuzzing (AKA Genetic Fuzzing) has been proven to be one of the most effective ways to find memory corruptions. One of the best fuzzers out there is AFL
offsec CTP and OSCE : My Experience Hello again people, a couple of days ago I successfully passed the OSCE exam, so I wanted to share with you my experience and my mistakes, maybe it can
The Discovery of an Already Fixed Microsoft Bug Today we will talk about a bug that I discovered in Microsoft that allows you to get remote access to a machine provided that the user has both Office and Java
The Program That Makes Other Programs, How I Learned Programming Hello guys .. unlike my regular posts, today I decided to make a non-technical post, so no zeros or ones today :). A lot of people ask how hard is it
Certificates PWK and OSCP my experience Hello people, so today I passed the OSCP exam. It was a long road but totally worth it, so I decided to share the story about this lovely journey to
Welcome Welcome To My Blog Hi there, my name is Fady Othman, I live in Egypt. I work in the information security field and I really love what I do, so I created this blog to