Ghidra An Hour with Ghidra : The Good and The Ugly So, the NSA decided to release their reverse engineering tool named Ghidra, I did have some time to play with it, and to be honest I was really impressed it's an awesome tool,
upnp UPNP Attacks : Hello Old Friend Update : I don't have a complete evidence that the attacks were UPNP attack except from the hacker's page about the attack and some news websites, however, until a firm confirmation from google or
AFL AFL / WinAFL Tips and Tricks Hi there As you all know there are so many tutorials online explaining how to use AFL online, some of them introduce some really cool tricks that helps AFL or WinAFL to find
bugbounty How I Discovered XSS that Affects around 20 Uber Subdomains Hi again, Welcome my first bug bounty write up, I don't do bug bounty that much especially web bug bounties but it started to interest me lately so I decided to start looking
Hacking Building a Feedback Driven Fuzzer - Dev Log 4 : GUI is Here Note: If you haven't read previous posts about the fuzzer, I recommend you read them here Hi There, It has been a while since I posted about my fuzzer, I was a little
openvpn Using ShadowSocks to Bypass OpenVPN Restrictions (Works in Egypt) Hello again, another post that is not related to my fuzzer since I am kinda busy with other stuff these days. Disclaimer : This post assumes you have a machine on the cloud like
patreon Patreon : Make sure to bill upfront or your content can be accessible for free Hi there, this is a quick post until I have something to add in my fuzzer series or the new series I am currently preparing ;) A while ago one of the groups I
Hacking Building a Feedback Driven Fuzzer - Dev Log 3 : Radamsa Integration Hello again, we are back with our third devlog, today we will talk about how I integrated radamsa as my mutation engine. My first attempt at this was by forking radamsa for each
Hacking Building a Feedback Driven Fuzzer - Dev Log 2 : Coverage Hello again, so today we will talk about how I calculate coverage by counting the basic blocks that gets executed. A very easy way to do it is to use DynamoRio, Dynamorio is
Hacking Building a Feedback Driven Fuzzer - Dev Log 1 Feedback driven fuzzing (AKA Genetic Fuzzing) have been proven to be one of the most effective ways to find memory corruptions. One of the best fuzzers out there is AFL which is created
offsec CTP and OSCE : My Experience Hello again people, A couple of days ago I successfully passed the OSCE exam, So I wanted to share with you my experience and my mistakes may be it can be helpful. Unlike
The Discovery of an Already Fixed Microsoft Bug Today we will talk about a bug that I discovered in Microsoft that allows you get remote access to a machine provided that the user have both office and java (not only java
The Program That Makes Other Programs, How I Learned Programming Hello guys .. unlike my regular posts today I decided to make a non technical post so no zeros or ones today :). A lot of people ask how hard is it to learn programming
Certificates PWK and OSCP my experience Hello people, So today I passed the OSCP exam. It was a long road but totally worth it, so I decided to share the story about this lovely journey to get the OSCP
Welcome Welcome To My Blog Hi there, My name is Fady Othman, I live in Egypt. I work in information security field and I really love what I do, so I created this blog to share my hacking
