Home
BaadMaro
Cancel

DGSSI CTF PRO 2024 - Italy Writeup

DGSSI CTF PRO 2024 - Italy Writeup image

The lab was included in the professional DGSSI CTF hosed in SecDojo platform on February 7, 2024. https://www.linkedin.com/showcase/dgssi-ctf-2024/ Naples machine We start our enumeration wi...

Discourse CVE-2023-47119 - Building a CVE POC from commits changes

Discourse CVE-2023-47119 - Building a CVE POC from commits changes image

I was checking for some Discourse vulnerabilities, and I saw that a new CVE was dropped on 11/10/2023 CVE-2023-47119 The details didn’t mention any POC, so I did some analysis based on the source...

Bypass captcha using OCR on Dolibarr login page

Bypass captcha using OCR on Dolibarr login page image

Today i’m going to explain how i was able to bypass captcha using OCR on Dolibarr login page, and create a script for it. Output : I published the tool with the name DoliBrute. I’ll work on it ...

Android Applications Pentesting, Intentional Exercise from Hackerone platform

Android Applications Pentesting, Intentional Exercise from Hackerone platform image

Today we are going to practice some Android pentesting with a challenge made by Hackerone platform. I’ll explain different techniques used in Android pentesting with a practical overview. This ar...

IoT Pentesting with Teltonika RUT9XX

IoT Pentesting with Teltonika RUT9XX image

Today we are going to practice some IoT pentesting with a device called RUT950 as an example. I’ll explain different techniques used in IoT pentesting including emulation, firmware analysis, explo...