Information Security Services
Hello There, In this post I will share my opinion on the current Bitcoin quantum computing debate. There is a lot of noise out there and I think most of it is driven by panic rather than principle. Intro: Let me start with the foundation: Not your keys, not your coins. This is not just […]
This post will serve as a reference on how to use Brownie development framework when dealing with EVM compatible blockchains like Ethereum or Binance Smart Chain. I did choose this framework since it’s based in python programming language which is easier IMHO than JavaScript one and I am interested only in auditing the smart contracts […]
Security Code reviewing is a tedious task specially when you do it with primitive tools and techniques like grepping or die() Visual Studio Code is a powerful IDE from Microsoft and I think it’s the best product from Microsoft in the past few years. Hence we can make a use of it to debug PHP […]
While code reviewing a PHP web application last weekend I was happy to find a SQL injection vulnerability quickly in a search function. it was a time-based one and verified with a simple sleep() command So I decided to launch SQLmap to automate the rest of the exploitation part, However turned out things did not […]
Hi ! Intro back in 2017 while scrolling the twitter feed I stumbled upon a tweet by mr_me announcing about the availability of AWAE course in next 2018 BlackHast Asia. honestly I was not planning to take the course any soon, it’s definitely in my agenda but not that soon since I was already doing […]
Hi There, In this post I will walk-through the hackfest2016: Sedna VM So Let’s start ! Enumeration: We will scan all TCP ports along with top UDP ports root@kali:~/vulnhub/sedna# nmap -sS -p- -A –reason 192.168.17.156 \ > && nmap -sU -sV -A –top-ports 100 192.168.17.156 \ > && nmap -sU -p 161 192.168.17.156 \ > […]
Hi There, Ever since passing the OSCP exam I was thinking of taking the CTP course However, it was not a priority at that time since I have to focus on web stuffs. But In the last few months I had a free time to do. as usual to register the course you have to […]
Hello There, In this post I will talk about my experience with eWPTX certificate. I did register for this course since I was looking for advanced training in Web Hacking, eWPTX was the best option out there after reading the syllabus. Registration went smoothly, there is no waiting queue like OSCP. pay and start the […]
Hello There, In this post I will talk about my experience with CISSP Certificate. Why I study it and how I manage to get certified. Intro: After finishing OSCP certificate I start studying CISSP the next day, it was in my plan to study CISSP right after finishing OSCP. I felt that I need to […]
All of us have projects to be finished and many people do not continue their projects for different reasons. In this post I will talk about a routine usually I do follow to help me finishing my projects, I hope you find it useful. I call this routine The Cook Model. this routine is simple […]