Posts

Responsible Disclosure : Security Misconfiguration leading to HPE's Jenkins exposed to internet without authentication

on

Pwning PaaS Cloud Managed Services - From Breaking Isolation to Identifying Abuse

on

Attacking Jenkins with Shared Libraries

on

Attacking with Command Injection on Containers created using Google's Distroless Images

on

Threats of leaked Github Personal Access Tokens : Private Github Enumeration, Backdooring Apps and Stealing Secrets from CICD systems

on

Solving Ropemporium - ret2win - 32 bit , 64 bit

on

Using CodeQL variant analysis to find format string vulnerabilities - Part 2 ( Taint Analysis )

on

Using CodeQL variant analysis to find format string vulnerabilities - Part 1

on