InfoSec Blog

thezero

Security Researcher e Senior Penetration Tester in Shielder.
In ufficio sono quello che usa il saldatore. Non solvo nessuna Crypto.

OpenStack's noVNC XSS

19/10/2019

Exploiting an old noVNC XSS (CVE-2017-18635) in OpenStack

OpenStack was using an old version of noVNC affected by a DOM-based XSS that allowed attackers to steal VM tokens and take over VMs.

4

Min

Webtech Usage

08/03/2019

WebTech, identify technologies used on websites

Release of WebTech, a tool for RECON during Penetration Tests that scan websites and identify technologies and frameworks in use.

2

Min

Frida

04/02/2019

FridaLab – Writeup

Writeup for the FridaLab challenge with a basic introduction to the Frida toolkit on Android.

3

Min