The Thick Client Vulns That Weren't A few days ago I saw a tweet about thick client vulnerability. I am not linkingto it because it app... 2021-07-31 12:30:59 | 阅读: 52 | 收藏 | parsiya.net client thick acls windows

Semgrep: The Surgical Static Analysis Tool Why are We Here?Static Analysis In The Real WorldJust Use grepEnter SemgrepSemgrep is Bean from Ende... 2021-06-23 10:42:06 | 阅读: 140 | 收藏 | parsiya.net semgrep analysis security ender tied

The JavaScript Bridge in Modern Desktop Applications What's The JavaScript Bridge?Why is The JavaScript Bridge Important?ExamplesRazer Comms - CEFOrigin... 2021-06-08 16:53:25 | 阅读: 115 | 收藏 | parsiya.net machine comms razer cef gonna

Public Remote File Share in The Cloud Problem StatementResearchEC2 InstanceEC2 WizardAfter Instance LaunchSetting Up SSH AccessSetting Up... 2021-06-01 02:20:40 | 阅读: 133 | 收藏 | parsiya.net ssh ec2 samba machine nano

Testing Extensions in Chromium Browsers - Nordpass What Are We Gonna Learn Here Today?RequirementsBrief ReconThe Local ServerThe Desktop ApplicationThe... 2021-05-01 06:20:40 | 阅读: 261 | 收藏 | parsiya.net subtle ecdh uint8array gcm unhexlify

Attack Surface Analysis - Part 2 - Custom Protocol Handlers IntroductionPrivilege Escalation via Protocol HandlersUnsanitized InputPossible RCE through Windows... 2021-03-20 12:59:37 | 阅读: 281 | 收藏 | parsiya.net remote windows injection mirc payload

Automagically Deploying Websites with Custom Domains to Github Pages Recently, I have started moving my non-critical websites to Github pages. I amdocumenting the proce... 2021-02-18 02:56:33 | 阅读: 84 | 收藏 | parsiya.net github parsiya repository hugo namecheap

Some SANS Holiday Hack 2020 Solutions This year like last year and unlike 2018, I only did a few of the SANS HolidayHack challenges. I go... 2021-01-18 04:33:47 | 阅读: 123 | 收藏 | parsiya.net munchkin santa castle moveto door

Attack Surface Analysis - Part 1 - Application Update: 'A Novel Way to Bypass Executable Signature Checks with Electron' Light Attack Surface AnalysisWhat is Privilege Escalation?From Update to Privilege EscalationSpoofin... 2021-01-09 15:33:32 | 阅读: 135 | 收藏 | parsiya.net windows updater download attacker github

The $15000 PlayStation Bounty Earlier in December 2020, my PlayStation Now report was disclosed. You can seethe report at https:/... 2021-01-02 08:29:00 | 阅读: 83 | 收藏 | parsiya.net bounties learnedi doubt lesson shunning

Customizing Python's SimpleHTTPServer How to Serve FilesCustom GET ResponsesCustom Response HeadersRead Request Path and Query StringsRead... 2020-11-16 13:57:46 | 阅读: 101 | 收藏 | parsiya.net python wfile myhandler rfile

The Same-Origin Policy Gone Wild FoundationsThe Origin HeaderForbidden HeadersSame-Origin Policy SimplifiedCross-Origin Resource Shar... 2020-11-02 13:02:53 | 阅读: 114 | 收藏 | parsiya.net security sop handshake mozilla developer

localghost: Escaping the Browser Sandbox Without 0-Days I had the hono(u)r of presenting in the DEF CON 28 Appsec village.Unfortunately, my super-duper awe... 2020-08-14 12:38:06 | 阅读: 129 | 收藏 | parsiya.net duper pdfyoutube cgl51zcaclg presenting appsec

No, You Are Not Getting a CVE for That An intentionally insecure system is insecure. As Raymond Chen says, "You can't make up forthe absen... 2020-07-26 08:21:15 | 阅读: 77 | 收藏 | parsiya.net security hatchway airtight raymond inject

Thick Client Proxying - Part 11 - GOG Galaxy and Extract-SNI SetupProxy AttemptsCEF Applications and Windows Proxy SettingsConfig FilesCommand Line ParametersChe... 2020-06-23 01:49:35 | 阅读: 139 | 收藏 | parsiya.net gog proxy burp windows tid

Go Slices and Their Oddities SlicesSlice has an Underlying ArrayA Slice is a HeaderQuestionsQuiz 1Slices Can Be Modified in Funct... 2020-05-18 14:37:21 | 阅读: 109 | 收藏 | parsiya.net surprise printslice assignment slices

Thick Client Proxying - Part 10 - The hosts File This Is Not Really NewThe hosts FileWindows DNS CacheWindows DNS Cache in ActionNote for Hyper-V Use... 2020-05-10 05:01:59 | 阅读: 148 | 收藏 | parsiya.net burp proxy windows proxying invisible

Towards a Quieter Burp History TL;DRMotivationNoise in Burp's HistoryOther Applications Stop WorkingSecrets/Credentials in Saved in... 2020-05-02 15:13:24 | 阅读: 153 | 收藏 | parsiya.net burp proxy windows noise thick

The Encrypted Logz - Some Simple Reverse Engineering What does it Look Like?SymbolsQt5 SymbolsGhidra PDB IssuesImporting from IDA to GhidraAnalysisJust G... 2020-04-18 09:30:22 | 阅读: 128 | 收藏 | parsiya.net mtprng ghidra qdatastream twister mersenne

The Golang int and the Overlooked Bug The Challengeint vs. intThe Go PlaygroundThe "Official" AnswerThe "Official" FixBut Why Are You Disa... 2020-04-05 17:19:36 | 阅读: 112 | 收藏 | parsiya.net strconv atoi 2147483648 machine playground