
Introduction to Frida - Android Pentesting (Part 1)
Practical introduction to Frida on Android: setting up the environment (ADB + frida-tools + frida-server) and solving several basic exercises with JavaScript scripts.

Practical write-up of a 64-bit ELF with format string and buffer overflow to leak libc/PIE/canary and build a ROP that bypasses NX, ASLR, PIE, and stack canary.

MITM with ARP poisoning and mitmproxy: intercept traffic in transparent mode, redirect with iptables, and modify responses on the fly using scripts with mitmdump.

Video write-up of Brainpan (Vulnhub), focused on practising Windows buffer overflow for the OSCP using Mona.

Step-by-step explanation and PoC of the vulnerability chain in WordPress 5.1 (patched in 5.1.1): CSRF in comments → Stored XSS via wp_kses bypass → RCE by editing a plugin as administrator. Requires victim interaction (visiting a malicious page).

Two real techniques for bypassing captive portals on WiFi networks: MAC cloning (weak authentication) and DNS tunnelling with iodine (for more secure portals). Updated with modern tools, best practices, and security recommendations.

Proof of Concept (PoC) for the WinRAR CVE-2018-20250 vulnerability, allowing remote code execution by extracting malicious files to arbitrary directories. Step-by-step guide to create a malicious ACE file that executes a payload on system startup.

Protostar Stack6: when you can't jump to the stack, it's time for ret2libc. Offset calculation and use of system(), exit() and '/bin/sh' from libc to execute a shell.

Protostar Stack5: first "classic" buffer overflow with shellcode injection, offset calculation, EIP control, and use of NOP sled to stabilise addresses.

Continuation of Protostar (Stack 3–4): overwriting function pointers and EIP using classic overflows with gets(), offsets, and little-endian.

Practical introduction to stack buffer overflow with Protostar's Stack 0–2 challenges: offsets, little-endian, and using arguments/environment variables to modify memory.

Example of phishing in Windows 10 with a PDF and an embedded SettingContent-ms file, automatically executed by JavaScript when the document is opened.