2018 – Hacktive Security Blog

Internet of Things

Daikin Emura Series – Arbitrary Remote Control via DNS Rebinding

December 14, 2018July 15, 2021

There is a lot of hype around DNS rebinding vulnerability and vulnerable IoT devices, including home cameras, air conditioners or climate control devices; this flaw...

Reverse Engineering

Building reversing skills, crackme level 6 [write-up]

Alessandro Groppo

July 23, 2018June 21, 2021

I don't usually play CTFs, but this time i wanted to improve my radare2 and reversing skills.All crackme challanges can be found here.Levels from 1 to...

Application Security

Responsible disclosure – Reflected XSS on hireon.amazon.com

o___o

April 13, 2018June 20, 2021

On March 13th, by using dnsrecon (https://github.com/darkoperator/dnsrecon) and a huge wordlist, I came across with an Amazon domain (hireon.amazon.com) with a Reflected XSS. Usually I...

Application Security

Facebook chat / dashboard content injection

Cristian Giustini

January 3, 2018July 15, 2021

I often wondered how link generation functionality is implemented by major social network applications and, more specifically, the preview generation. Some time ago a friend...

Daikin Emura Series – Arbitrary Remote Control via DNS Rebinding

Building reversing skills, crackme level 6 [write-up]

Responsible disclosure – Reflected XSS on hireon.amazon.com

Facebook chat / dashboard content injection

Top Category

Application Security

Mobile

Exploitation

Recent Post

Top Category