隠者 Inja Security

Matheus Boschetti

Application Security

CVE-2024-29320: SQL Injection in Wallos

Introduction An open-source personal subscription tracker, Wallos is designed to empower people to manage their finances with ease. Wallos is written in PHP with a SQLite database; it has over 1.000 stars on GitHub and over 100.00 downloads for its Docker image. A quick search on Shodan reveals at least 66 Read more…

By Matheus Boschetti, April 4, 2024
Application Security

CVE-2024-27613: Arbitrary File Manipulation in Numbas

Introduction Developed by Newcastle University’s School of Mathematics, Statistics, and Physics, Numbas is an open-source e-assessment/e-learning system. According to its website, Numbas is used in over 1.000 institutions worldwide and has been in use for over a decade. It is written using mainly JavaScript and Python with Django, with a Read more…

By Matheus Boschetti, March 15, 2024
Defense Evasion

Bypassing PowerShell CLM with Custom Runspaces

Introduction Building upon the last technique for bypassing AppLocker default rules, this blog post aims to add another technique for bypassing CLM and executing PowerShell code. As per Microsoft’s own definition: PowerShell Constrained Language is a language mode of PowerShell designed to support day-to-day administrative tasks, yet restrict access to Read more…

By Matheus Boschetti, August 24, 2023
Defense Evasion

Striking Blue: Picking Digital Lockers

Introduction After establishing a foothold inside a corporate Windows environment, there’s a considerable chance for an adversary to encounter several defenses in place. This blog post aims to showcase a technique for bypassing application control policies that can be employed through AppLocker. Application Control and Whitelisting Another mechanism commonly employed Read more…

By Matheus Boschetti, August 20, 2023
Defense Evasion

Leveraging Process Injection for AV Evasion

Introduction This blog post aims to showcase a technique for Windows local payload execution, in addition to evading Antivirus solutions. The What and Why Process Injection has been around for many years; however, it is still heavily used by APT groups and therefore for Adversary Simulation. Adversaries may inject code Read more…

By Matheus Boschetti, 2 years ago
Red Team

Striking Blue: Throwing Rocks at the Panes – Part 2

Introduction Following up on the first part of the series, this blog post will expand and showcase techniques for initial access with client-side code execution. A technique that recently gained popularity is HTML Smuggling, which consists of storing a payload file in a JavaScript blob and delivering it through a seemingly Read more…

By Matheus Boschetti, July 23, 2023
Red Team

Striking Blue: Throwing Rocks at the Panes – Part 1

Please note: the information and techniques described in the series are targeted at security enthusiasts and/or professionals for learning purposes and professional consultancy services. This does not, by any means, promote or incentivize the usage of the techniques for any cyber crime or illegal purposes. The author may not be Read more…

By Matheus Boschetti, July 2, 2023
Phishing

Evilginx: Hunting for Mastodons

Please note: the information and techniques here described are targeted at security enthusiasts and/or professionals for learning purposes and professional consultancy services. This does not, by any means, promote or incentivize the usage of the techniques for any cyber crime or illegal purposes. The author may not be found responsible Read more…

By Matheus Boschetti, June 22, 2023
Certification Review

Offensive Security Web Expert (OSWE)

Advanced Web Attacks and Exploitation (WEB-300) is an advanced web application security course that teaches the skills needed to conduct white box web app penetration tests. Learners who complete the course and pass the exam earn the Offensive Security Web Expert (OSWE) certification and will demonstrate mastery in exploiting front-facing Read more…

By Matheus Boschetti, June 22, 2023
Certification Review

Offensive Security Wireless Professional (OSWP)

Wireless Attacks (PEN-210) introduces learners to the skills needed to audit and secure wireless devices and is a foundational course alongside PEN-200 and benefits those who would like to gain more skills in network security. Learners will identify vulnerabilities in 802.11 networks and execute organized techniques and those who complete Read more…

By Matheus Boschetti, June 21, 2023
