Vickie Li's Security Blog

Hacking

They are all Injection Vulnerabilities!

What do SQL injections, command injections, and cross-site scripting have in common? The answer is that they are all injection vulnerabilities!

Proxying Like a Pro

Using ProxyChains to proxy your Internet traffic.

Discovering The Hidden Web

How To Perform Pentest Recon Using GoBuster.

Wireshark in the Command Line

Learning to use Wireshark’s Command Line Tool: TShark

Intro To Wireshark

How to use Wireshark to capture network traffic.

Intro To Metasploit

The basics of finding And exploiting vulnerabilities using Metasploit.

An Android Hacking Primer

How to get started hacking Android applications.

Code Review 101

How to perform source code review to find vulnerabilities in web applications.

Using Hydra to Spray User Passwords

And how attackers bypass account lockout when brute-forcing passwords.

Polyglot Files: A Hacker’s Best Friend

And how to hide executable PHP code in JPEG files.

Hacking XML Data

Obtaining illegal data access using XPATH injections.

Hacking Banks With Race Conditions

How race conditions compromise the security of financial sites.

Hacking The Web With Unicode

Confuse, Spoof and Make Backdoors.

Hacking Git Directories

How to reconstruct source code from an exposed .git directory.

Hacking Encryption With Signing Oracles

And why you should never reuse encryption keys!

Hacking Python Applications

And how attackers exploit common programming pitfalls to gain control.

Beginner’s Guide To CTFs

How To Start With Security Capture The Flag Competitions.

Back to top ↑

Insecure Deserialization

PHP Phar Deserialization

Exploiting PHP deserialization vulnerabilities without unserialize().

PHP Magic Methods

Magic methods that can be used to kick start your RCE chain.

Escalating PHP Deserialization

Don’t despair when you can’t RCE. How to achieve authentication bypass and SQL injection using PHP’s unserialize().

PHP Type Juggling Vulnerabilities

How PHP’s type comparison features lead to vulnerabilities, and how to avoid them.

PHP Pop Chains

Achieving RCE with POP chain exploits.

Diving into unserialize()

How PHP’s unserialize() works, and why it leads to vulnerabilities.

Deserialization Bugs In The Wild

A totally unscientific analysis of deserialization vulnerabilities found in the wild.

Exploiting PHP Deserialization

Intro to PHP object injection vulnerabilities.

Hacking Java Deserialization

How attackers exploit Java Deserialization to achieve Remote Code Execution

Back to top ↑

Binary Exploitation

Protecting Binaries

How modern binaries protect against attacks and how these protections are bypassed.

Attacking Dynamic Linking

And how modern binaries protect against attacks

Data Execution Prevention

And how attackers can bypass DEP to achieve code execution.

Format String Vulnerabilities

And how printing a string led to code execution?!!

Buffer Overread

And how the Heartbleed bug works!

Buffer Overflow

And how a jammed laptop key led to code execution?!!

Intro To Binary Patching

How To Patch Binaries For Hackers And Pen Testers.

Intro To Reverse Engineering

Analyzing and Hacking Binaries with Ghidra.

Back to top ↑

System Security

Becoming Root Through Misconfigured SUDO

Linux privilege escalation by exploiting SUDO rights.

Becoming Root Through Overprivileged Processes

Linux privilege escalation by exploiting an overprivileged process.

Becoming Root Through An SUID Executable

Linux privilege escalation by exploiting the SUID bit.

A Deep Dive Into Linux Permissions

Learn about the Linux permission model and how it affects your system’s security.

Escaping Docker Privileged Containers

Why you should not run Docker with the “privileged” flag.

Stealing Port Knock Sequences For Server Access

How the incorrect use of port knocking can lead to system compromise.

Privilege Escalation Via Cron

How attackers can exploit misconfigured Cron permissions to gain root access.

Back to top ↑

Bash Scripting

Bash Tips

Useful tips to up your Bash game.

Bash Functions

Writing functions to simplify your script.

Bash Tests And Loops

Using tests and loops in Bash.

Bash Variables And Conditionals

Using variables and conditionals in Bash.

Intro To Bash Scripting

Using Bash Scripts To Automate Your Workflow.

Back to top ↑

SSRF

SSRF In The Wild

A totally unscientific analysis of those SSRFs found in the wild.

Bypassing SSRF Protection

There’s always more to do…

Exploiting SSRF

And how I got your company secrets.

Intro to SSRF

And how your firewall failed you.

Back to top ↑

Development

How To Review Code For Vulnerabilities

Performing a source code review is one of the best ways to find security issues in an application. But how do you do it?

Building a Security-First Culture

And why Application Security is like wearing masks.

A Penetration Tester’s Journey to the Code Analysis Camp

Most of you know me as an offensive security gal. The fact that I decided to join a SAST team frankly surprised me as well.

Apache for Beginners

Get your website up and running in minutes using Apache.

Back to top ↑

Info Leak

How to Find More IDORs

And maximize their impact while hunting for bugs.

Intro to IDORs

And how to cause a massive data breach.

Back to top ↑

AI

Tech Writing vs GPT

Is AI replacing technical writers and developer advocates?

ChatGPT: Build me a Recon Tool!

Using ChatGPT to build a simple hacking recon tool

Back to top ↑

Books

How to Connect with Anyone in 30 Seconds

For anyone who has ever felt ridiculously awkward in social situations.

Back to top ↑

Book reviews

Designing Secure Software: A Guide for Developers

AppSec engineer’s book club #001 — discussing Loren Kohnfelder’s book

Back to top ↑

Vickie Li

Hacking

Insecure Deserialization

Binary Exploitation

System Security

Bash Scripting

SSRF

Development

CSRF

ChitChat

Info Leak

AI

Books

Book reviews