Java application sometimes did not go through (use) the global proxy setting. This means that even we setup the proxy and import the burp suite certificate, we are still not able to intercept HTTPs traffic.
This article is going to show you how to setup your Burp Suite proxy and certificate with Java Application for intercepting HTTPs traffic.
OS Command Injection is that the software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
This article describes that how did I find CVE-2019-11224 and three ways for bypassing “space” character while OS Command Injection.
In information security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer’s boundary and overwrites adjacent memory locations.
Return-to-libc is a method that defeats stack protection on linux systems.
This article will show you that how to attack C program by using buffer overflow and return to Libc method to pop a bash shell.
Recently, Apache released Apache httpd 2.4.26. And 2.4.26 fix a lot of issues. You can find the detail in this link. One of the issue is CVE-2017-7659. This article will discuss this issue and show the payload.
This article tell you how to reverse and inject your own code to Android Application. Therefore you can get sensitive information, Series Number or other information.