Most of the solutions for FLARE-On 5 web2point0 challenge involve the use of a framework to decompile WebAssembly. Chrome offers the ability to debug WebAssembly code which gives us the opportunity to solve this challenge without any other tools. When solving simpler crackme binaries, we ...

I had to place an obituary in the Straits Times recently. SPH offers an online service where you can use their tool to design the obituary and make payment, all without going down to their office. I decided to use the service. I entered my personal details and contact information into the first ...

Today newspaper published an article on how SEAB handled the investigation into the O-level cheating case. I was mildly horrified upon reading it and felt that the investigation could have been conducted in a more professional manner. The perpetrators discovered that they were caught even ...

D-Link routers have a basic ping function built in to them. Unlike their ASUS counterparts, which have ping, netstat, traceroute and nslookup builtin, D-Link routers have much more basic functionality. The ping function only displays success or failure and not the entire raw output of the ...

Compared to the OSCP or even the CISSP exam, there seems to be very little information online about CREST examinations. Hence, the reason why I want to share my thoughts on the CREST CPSA exam. That said, all candidates had to agree to an NDA, I will try to provide as much information as ...

ASUS routers have diagnostic tools built into their dashboard which allows authenticated web users to execute ping and netstat commands and have the output be displayed on the webpage. Naturally, this seems like a really good entry point to perform command injection, have the router execute cat ...

Recently, both Firefox and Chrome has been coming down hard on HTTP websites. According to this article, HTTP will be labelled as "Not Secure". This is hardly the first step, HTTP only websites have already had their search ranking penalised, and more stringent measures will surely be put in ...

Exploit Title: Smart Google Code Inserter < 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/ Software Link: https://wordpress.org/plugins/smart-google-code-inserter/ Version: ...