Skip to content

Zero Aptitude

Info Sec blogs from the Zapt Team
  • Home
  • About
  • Team Member Writeups
    • Zerodetail
    • Pitticus
    • TimTimz

Echidna – Finding your first CVEs

October 2, 2020 zerodetail Leave a comment

Introduction Getting started with bug hunting is hard. Platforms such as Hackerone and BugCrowd provide ample legal targets. However, those…

Continue Reading →

Posted in: Uncategorized

WordPress Plugin Bug Hunting – Part 2

August 31, 2020 Guy Bland Leave a comment

This is part 2 of 2 thus far. See here for part 1 written up by Aaron. ———————————————————————————————————————————————————————————————————————– CVE-2020-25376 –…

Continue Reading →

Posted in: Uncategorized

Subscribe Sidebar plugin by Blubrry v1.3.1 – Reflected XSS – 20 Jun 2020

August 30, 2020 Thomas Pitt Leave a comment

Tested against – Subscribe Sidebar plugin by Blubrry v1.3.1 | WordPress v5.4.1 Reflected XSS Reflected XSS [https://wordpress.org/plugins/subscribe-sidebar/](https://wordpress.org/plugins/subscribe-sidebar/) The “status” GET…

Continue Reading →

Posted in: Pitticus

WordPress Plugin Bug Hunting – Part 1

August 7, 2020 zerodetail Leave a comment

Myself and Guy recently decided to once again attempt to step into the world of Bug Hunting. Our previous attempts…

Continue Reading →

Posted in: Uncategorized

Linux x86 Assembly – Writing your own Shellcode

February 26, 2019 Thomas Pitt Leave a comment

Hey guys, First up. Want to give a big thanks to Cyber_Jellyfish @ research.irukandjisec.com for taking the time to explain…

Continue Reading →

Posted in: Pitticus

Boofuzz – A helpful guide (OSCE – CTP)

November 25, 2018 zerodetail Leave a comment

Overview Whilst studying for the Cracking the Perimeter you will come across many references to the Spike fuzzer. This is…

Continue Reading →

Posted in: Zerodetail Filed under: Boofuzz, CTP, fuzzing, OSCE

Recreating exploits – Disk Pulse Enterprise 9.9.16 – Remote Buffer Overflow (SEH)

November 21, 2018 zerodetail Leave a comment

Introduction As part of my Cracking The Perimeter course, I am doing the usual recommendation of recreating exploits from exploit-db.…

Continue Reading →

Posted in: Zerodetail Filed under: buffer overflow, CTP, egghunter, exploit, OSCE, SEH

Decadence – Python Reverse Shell

July 29, 2018 Thomas Pitt Leave a comment

Python3+ So I played around with writing a reverse shell in python that can run on both Windows and Linux…

Continue Reading →

Posted in: Pitticus

Can’t copy file onto an environment?

June 8, 2018 Thomas Pitt Leave a comment

This was made for a virtual environment that had restricted functions between the End Host and the Virtual Environment. Unable…

Continue Reading →

Posted in: Pitticus

Scenario

June 5, 2018 Thomas Pitt Leave a comment

Continue Reading →

Posted in: Pitticus

Post navigation

Page 1 of 2
1 2 Next →
Copyright © 2021 Zero Aptitude — Escapade WordPress theme by GoDaddy