April 2017


Playing around with pentestit.ru testlab v.10 - Part 1

Let's play around with pentestit.ru testlab v.10. Target IP: Nmap:

Let's check the HTTP header on port 80:

I tried to open the IP address in a web browser, but it was taking forever to load the page. 🙁 OK, let's examine the source of the page:

I found the store.gds.lab domain inside


PHP - Fully Undetectable Web Shell

Today, I wanna try to create a simple undetected (hopefully FUD) web shell backdoor. I am using VirusTotal (yes, I want them to check my file, lol..). So, what is FUD? Fully undetectable (usually shortened as “FUD”) can stand for data that had been encrypted, making it appear to be random noise. It can also stand


Buffer Overflow Golang Fuzzer (64bit)

Hi there, today I just want to share about buffer overflow and a fuzzing tool to check for buffer overflow vulnerabilities. What is Buffer Overflow? A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold. Since buffers are created