Node Security

Web App Security

General purpose guide for testing Web Applications. This list is not supposed to be exhaustive, nor is the information absolute. Each web application is different and the business case needs to be ...

Certificate Generate Pure NodeJS

This post will show example code of how to generate a Certificate Authority and Host Certificates (signed by the CA we generate) using NodeJS without using OpenSSL. This will be done using the node...

Objection Quick Start

Setup Install Objection Test Objection Find Application Attach to Application Android & iOS Files HTTP Server Hooking Othe...

NodeJS Express Cert Based Mutual Auth

In this post we’ll look at how to add Certificate Based Mutual Authentication to an express HTTPS server. This will allow us to require a User Certificate before being able to communicate with our ...

Secure Electron IPC

In this post we’ll look at how to do secure IPC (Inter-Process-Communication) in Electron. PLEASE NOTE this is NOT a tutorial on Electron or Electron IPC, it will assume you already know how to us...

JavaScript Tips & Tricks 2

In this post we’ll look at some more useful tips and tricks when using JavaScript. Copying to Clipboard in the Browser Object Functions Numeric Separators Displaying Units Form...

API Fuzzing

PAGE UNDER CONSTRUCTION Fuzzing Payloads CR-LF Copy “CR-LF” Payloads to Clipboard Bad Strings Copy “Bad Strings” Payloads to Clipboard JSON Parameter Fuzzing - Small Copy “JSON Parameter Fuzzi...

Random Windows Commands

Collection of interesting and useful commands in Windows command prompt and PowerShell. Command Prompt Change Computer Name View BitLocker Status Executing an Application...

Filter and Map

In this post we’ll look at how to use the filter and map functions in JavaScript and why you would use them. Filter The Normal Way Using Filter Advanced Filtering ...

JWT Fuzzing

The goal of this tool is to create a list of fuzzing payloads for testing JWTs on web services and applications. The payloads are designed to test common JWT issues and bypasses, as well as attempt...

SSH Server Hardening

Guide for hardening an SSH server on a Linux machine. Enable Certificate Based Authentication Disable Password Authentication Disable Empty Passwords Disable Root Login Change Default SSH ...

Configuring SSH Server

Guide for learning how to set up and configure an SSH server on Linux (Debian). Getting Started Install SSH Server Server Config Connection Banner Login Welcome Message...

Dump SAM, SYSTEM and SECURITY

Demonstration of how to dump SAM, SYSTEM and SECURITY registry files. Prerequisites Ensure you have access to an Admin level command prompt. Dump Files reg.exe save hklm\sam sam.sav reg.exe save h...

Windows UAC Privilege Escalation

Demonstration of how to perform Windows UAC Privilege Escalation (CVE-2019-1388). This vulnerability allows a user to escalate from a low privilege level (non-admin) to SYSTEM. Download EXE W...

Windows Custom Right Click Menu Option

How to add a custom menu option to the right click menu in Windows 10 and have it execute a command/application. Steps Open regedit.msc. Navigate to HKEY_CLASSES_ROOT\*\shell. Right click o...