Introductory guide on how to use Frida to analyse iOS applications at runtime to perform actions such as search for methods, hook methods, view & modify instructions, and view & modify regi...

In this post we’ll cover how to attack an oracle function that encrypts user supplied data concatenated with an unknown string under ECB mode while using a constant but unknown key. This post will...

In this post we’ll cover how to decrypt messages that have been XOR encrypted using a repeated key, such as 84 d2 7a 09. The method we’ll be using to break the encryption uses statistics (letter fr...

In this post we’ll cover how to decrypt messages that have been XOR encrypted using a single byte key, such as b7. While this might not sound that useful, it’s a pre-cursor to breaking XOR encrypti...

This post will show how PKCS#7 Padding works for block ciphers like DES and AES. This post includes visual examples and the edge case to be aware of. PKCS#7, which includes message padding, is defi...

This tool can convert from UTF-8 strings to BaseN (any arbitrary base). It can also convert from BaseN to UTF-8 or HEX. The conversion alphabet can also be specified for these conversions as well. ...

Maze colouring using BFS (Breadth-First Search) and DFS (Depth-First Search). For reference, the mazes in the below examples were generated using the Randomized Depth-First Search (Recursive Backtr...

In this post we’ll look at how to implement the FABRIK algorithm in 2D in JavaScript using the p5.js library for drawing. The Forward And Backward Reaching Inverse Kinematics (FABRIK) algorithm is ...

Intro guide on how to use Frida to hook Android applications at runtime to inject code and override methods. This guide already assumes you have frida installed and have frida-server installed on y...

How to generate a reverse, bind, and in-browser JSP War shell. This will cover generating payloads with MSFVenom and manually creating a war file from our own JSP file(s). JSP War Shell MSFVeno...

Guide for basic SSH usage and SSH Port Forwarding. Basic SSH Connect to Host Connect to Host with Private Key Connect to Host with Certain KeyExchange & Cipher ...

Collection of commands for when working with Android and iOS devices. Device must be Rooted/Jailbroken for almost all commands. Both Objection Search Files for String Sea...

Collection of interesting and useful commands for the Netsh tool in Windows. Netsh has a huge amount of functionality, this is by no means exhaustive. Description Command ...

This page is an interactive tool of this page. All the data for this checklist application is STORED CLIENT-SIDE. This application works by storing data in localStorage so that it’s persistent betw...

General purpose guide for testing Web Applications. This list is not supposed to be exhaustive, nor is the information absolute. Each web application is different and the business case needs to be ...