Manual Source Code Review of WordPress Plugins
You can watch the presentation here: Manual Source Code Review on WordPress Plugins
Introduction
WordPress plugins are packages of code that can be added to a WordPress website to extend its functionality. They are designed to enhance the core features of WordPress.
How I passed OSWE
Background
Currently, I work as a security consultant at Payatu, primarily focusing on web penetration testing and source code review. I also have around 2 years of experience in development, mainly in Spring/Java. Given my background in both development and security, I thought OSWE would be a good choice.
Hi there!
This blog contains the write-up for 2 Electron source code challenges and 1 Android challenge that I created for Winja CTF for the Nullcon Goa event.
This is the vague write-up. I will update it soon.
Android Challenge
Bypass the root detection and emulator check, if you are using any of these
Host one HTML file with the below code
<html> <body> <script type="text/javascript"> app.
Code Injection
Code Injection is the general term for attack types which consist of injecting code that is then interpreted/executed by the application. This type of attack exploits poor handling of untrusted data. These types of attacks are usually made possible due to a lack of proper input/output data validation, for example:
Hi there!
This blog contains the write-up for 2 source code and 2 web challenges that I created for Winja CTF for the Nullcon Goa 2022 event.
Source Code Review Challenges
Source code repo: https://github.com/p3n7a90n/WinjaCTF_NullconGoa2022
Cache Assisted Satellites
Desc
This challenge was based on SSRF+CRLF+Deserialisation which leads to RCE