Hacking Banks With Race Conditions
How race conditions compromise the security of financial sites.
Recent posts
Hacking The Web With Unicode
Confuse, Spoof and Make Backdoors.
Hacking Git Directories
How to reconstruct source code from an exposed .git directory.
Hacking Encryption With Signing Oracles
And why you should never reuse encryption keys!
Hacking Python Applications
And how attackers exploit common programming pitfalls to gain control.
Beginner’s Guide To CTFs
How To Start With Security Capture The Flag Competitions.
PHP Phar Deserialization
Exploiting PHP deserialization vulnerabilities without unserialize().
PHP Magic Methods
Magic methods that can be used to kick start your RCE chain.