Responsive image

The Ethernaut is a Web3/Solidity based wargame inspired on, played in the Ethereum Virtual Machine. Each level is a smart contract that needs to be 'hacked'.

The game is 100% open source and all levels are contributions made by other players. Do you have an interesting idea? PRs are welcome at Are you interested in smart contract development or security? Does securing the world’s blockchain infrastructure sound exciting to you? We are hiring!
Tags: security,pentesting,blockchain


This is a honeypot programmed in Micropython for the ESP8266
Tags: honeypot,security,esp

Practical Web Cache Poisoning

Web cache poisoning has long been an elusive vulnerability, a 'theoretical' threat used mostly to scare developers into obediently patching issues that nobody could actually exploit.
Tags: burp,exploit,method,cache,security

NTLM Credentials Theft via PDF Filesned

Just a few days after it was reported that malicious actors can exploit a vulnerability in MS outlook using OLE to steal a Windows user’s NTLM hashes, the Check Point research team can also reveal that NTLM hash leaks can also be achieved via PDF files with no user interaction or exploitation.
Tags: exploit,pdf,CVE-2018-4993

How to Read an RFC

For better or worse, Requests for Comments (RFCs) are how we specify many protocols on the Internet. These documents are alternatively treated as holy texts by developers who parse them for hidden meanings, then shunned as irrelevant because they can’t be understood. This often leads to frustration and – more significantly – interoperability and security issues.
Tags: rfc

SSRF bible. Cheatsheet - Google Docs

SSRF - Server Side Request Forgery attacks. The ability to create requests from the vulnerable server to intra/internet. Using a protocol supported by available URI schemas, you can communicate with services running on other protocols. Here we collect the various options and examples (exploits) of such interaction.
Tags: ssrf,security,web,appsec

GhostPack – harmj0y

Anyone who has followed myself or my teammates at SpecterOps for a while knows that we’re fairly big fans of PowerShell. I’ve been involved in offensive PowerShell for about 4 years, @mattifestation was the founder of PowerSploit and various defensive projects, @jaredcatkinson has been writing defensive PowerShell for years, and many of my teammates (@tifkin_, @enigma0x3, rvrsh3ll, @xorrior, @andrewchiles, and others) have written various security-related PowerShell projects over the past several years, totaling thousands of lines of code.
Tags: security,powershell,offensive

Complete Domain Compromise with Golden Tickets | Insider Threat Blog

Use Mimikatz to get password hashes for the KRBTGT account to forge Kerberos tickets (TGTs), Golden Tickets, to compromise all accounts in Active Directory.
Tags: windows,security,tickets,golden

Security - WebAssembly

The security model of WebAssembly has two important goals: (1) protect users from buggy or malicious modules, and (2) provide developers with useful primitives and mitigations for developing safe applications, within the constraints of (1).
Tags: web,assembly,security

Is WebAssembly the return of Java Applets & Flash?

In my last post on WebAssembly, I made the following claim: Some have compared WebAssembly to Java applets; in some ways, they’re very right, but in some ways, they’re very wrong. Eventually I’ll write a post about the wrong, but for now, the... | Steve Klabnik | “The most violent element in society is ignorance.” - Emma Goldman