Release Date 14 October 2013 Vendor Sam Brishes – http://www.pytes.net/ Affected Product Dexs PM System WordPress Plugin Version 1.0.1 Vulnerability Class Persistent Cross-Site Scripting ...

Following a recent pentest I performed for a client I stumbled upon their private SSL certificate. The SSL key was password encrypted, thus could not be used directly without knowing...

A tool I’ve been writing to enumerate the enabled HTTP methods supported on a webserver. Currently only in the initial beta stage, but includes basic checking of files including the...

A whitepaper detailing various methods to bypass ASLR (Address Space Layout Randomization) when developing custom exploit code. This was originally an unpublished paper that I wrote for the Infosec ...

A simple TFTP Fuzzer I wrote to discover undisclosed bugs within TFTP servers and other simple UDP based protocols. The project is hosted on GitHub and can be found at...