In a recent assessment, my teammates and I were tasked to perform a web security review of several applications with the possibility to perform internal pentest if the opportunity came up. On one ...

Context This blog post aims to solve a problem I faced when using open source tooling with Cobalt Strike. During my security assessments I often rely on tooling developped in Python, C#, Go or C/...

Context Back to 2019, my first HackTheBox box Intense was released with several steps involved: exploit a SQL injection for SQLite DBMS on the web application use a hash length extension att...