FlashDom Massive Domain Resolver was created using Go. I built this tool just to help myself when trying to resolve domains from a file.
File Download: Download while giving donation
Virus Scan: VirusTotal
Sha256Sum: 5855f2ce2450795128c969b53766c7282046241e7219561dc04da02e70f22dbe
If you have any ideas about this tool, you can leave a comment here on my blog. 🙂
Yes, I am talking about CoinHive, which could turn XSS into an XSS cryptocurrency miner to add value when reporting XSS as a bounty hunter. So, it is not just a pop-up or stealing cookies. This will give a higher risk for XSS itself because CoinHive is already detected by some antivirus products, and the antivirus will block the website
From my last article, we can exploit XXE using a Docx file. Now let's build an exploit for the XXE vulnerability using an Excel file. Exploit XXE Vulnerability Using Excel File? Microsoft released OOXML Document, OOXML Presentation and OOXML Workbook on 7 December 2006. Source: Wikipedia. So, what is Office Open XML? Office Open XML, also known as OpenXML or
Today, I found a vulnerability on a server which has an upload feature for docx files. I will try to explain how to exploit the XXE vulnerability using a docx file and how to find this vulnerability. So... What is an XXE Vulnerability? An XML External Entity attack is a type of attack against an application that parses
This weekend, I will try to write a walkthrough for VulnHub Bulldog 1. You can download this CTF VM on VulnHub’s website. First, I need to find open ports on the target machine.
nmap -p- 192.168.56.101
Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-04 11:35 WIB
Nmap scan report for 192.168.56.101
Host is up (0.0026s latency).
Not shown: 65532 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
8080/tcp open http-proxy
Nmap done: 1 IP address (1 host up) scanned in 0.81 seconds
I got 3 open ports on the target machine. Now let’s find out what services are running on