An Introduction to Smali
Smali is a type of assembly language for the Dalvik virtual machine, which is used by Android devices. It is used to modify and reverse …
Authentication Testing of Smart Contracts Using FoundryÂ
Smart contracts are self-executing contracts with the terms of the agreement between buyer and seller being directly written into lines of code. They are immutable …
HackTheBox: Object WriteupÂ
Machine Name: Object Difficulty: Hard OS: Windows Rating: 5.0/5.0 Summary Object is a hard Windows machine (Retired) in hackthebox. It gives us hands-on experience working …
Flash Loan Attack on Smart ContractsÂ
Flash loans are a relatively new financial instrument that are enabled by smart contracts on blockchain networks such as Ethereum. A flash loan is an …
How to Prevent Hacking Out of KIOSK
KIOSK machines are self-service endpoints that allow users to complete tasks on their own, at their preferred pace and time. These machines bring a restricted …
Bypassing Firewalls: Going Beyond Source Port ManipulationÂ
As penetration testers/security researchers, we often encounter firewalls configured with rules that make it difficult to discover and test open ports. In this blog, we …
LLDB’s Runtime Manipulation: A Guide to Advance Debugging and Optimization
Authentication bypass is the process of removing the limitations imposed by Apple on iOS devices, allowing users to install and run apps that are not …
Understanding HTTP Request Smuggling with Hop-to-Hop Headers
We have seen HTTP request smuggling attacks by modifying the Content-Length and Transfer-Encoding header. These methods exploit the execution of the headers on the client-side …
All About Creating a New Fuzzer: Wink
This blog describes the attempts, as part of the Payatu Research Team, to fuzz and find vulnerabilities in Windows Kernel. We start the blog by …
