Discovery of CVE-2022-24833
During a security audit for a client, it was discovered that a key component, the open-source private paste service PrivateBin, contained a previously undocumented flaw. Cross-site scripting is nothing new. I actually feel there must be prehistoric cave paintings and markings somewhere in the world containing some variation of <script>alert(1)</script>. Although XSS payloads embedded […]
Why I no longer endorse Offensive Security
Please note that the following post is my own opinion and I do not speak for our team or Nethemba s.r.o. as a company on this matter. Many people who read my previous blog entries and who communicate with me in the Offsec IRC may see me as a bit of an Offensive Security fanboy. I […]
Offensive Security Wireless Professional (OSWP) review
Introduction As with OSCP and OSCE, I decided to review my experiences with Offensive Security’s OSWP course and exam. As before, I will state that I adopted the nick Dyntra for Offensive Security and many know me by this name. Feel free to say hi on either irc.wechall.net (#revolutionelite #wechall) or chat.freenode.net (#offsec). Course Starting […]
PWK/OSCP and CTP/OSCE – A review and comparison
Introduction Greetings, although I am widely known as sabretooth in the hackchallenge community, I adopted the nick Dyntra for Offensive Security and many know me by this name. Feel free to say hi on either irc.wechall.net (#revolutionelite #wechall) or chat.freenode.net (#offsec). OSCP It has been a few years since I passed Offensive Security’s OSCP certification. […]