Learn Pentesting like a Pro!

Hacking and securing ElectronJS apps

19 rules to attack and defend ElectronJS apps 🥷

Aug 25, 2024 • 

DH

1

February 2024

How to do security testing in WeWork, Starbucks, airports... or any public WiFi

Yes! Being a digital nomad and bug bounty hunter or security engineer is easier than you thought

Feb 23, 2024 • 

DH

January 2024

Top 10 commands to pass the OSCP certification (Updated!)

Try harder and get the d*** certification!

Jan 21, 2024 • 

DH

5

November 2023

New exploit for Apache ActiveMQ CVE-2023-46604

Update! Update! Update!

Nov 22, 2023 • 

DH

1

October 2023

Exploiting CVE-2023-4911(Looney Tunables) Local Privilege Escalation in Debian 12.1

Year 2023... buffer overflows are back! 😵‍💫​

Oct 8, 2023 • 

DH

August 2023

🤖 Top 10 vulnerabilities for ChatGPT and LLM applications

New technologies introduce new and old vulnerabilities and threats

Aug 4, 2023 • 

DH

2

March 2023

Path Traversal Cheat Sheet

List of useful paths to exploit path traversal in Windows and Linux

Mar 27, 2023 • 

DH

February 2023

Patch your VMware ESXi now!

Ransomware attacks are raising against ESXi infrastructure

Feb 13, 2023 • 

DH

✅ Quick guide for password cracking

Learn different techniques to create custom wordlists from the content of a website and how to use John the Ripper or Hashcat to crack Windows or Linux…

Feb 8, 2023 • 

DH

2

SSRF cheat sheet for AWS, GCP and Azure

In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to read or update internal resources.

Feb 6, 2023 • 

DH

🥷 Top sites for passive reconnaissance

Passive reconnaissance is a critical step for bug bounties or penetration testing engagements, get ready!

Feb 3, 2023 • 

DH

January 2023

How to scan a host with RustScan

After using nmap and unicornscan for a while, RustScan is probably the fastest to scan TCP and UDP ports, learn how to use it

Jan 18, 2023 • 

DH