Evil SQL Client (ESC) is an interactive .net SQL console client that supports enhanced SQL Server discovery, access, and data exfiltration capabilities.
This blog will share how to configure your own vulnerable Linux server so you can practice building and breaking at home.
This blog will cover different ways to approach SSH password guessing and attacking sudo applications to gain a root shell on a Linux system.
This blog will walkthrough how to attack insecure phpMyAdmin configurations and world writable files to gain a root shell on a Linux system.
This blog will walk through how to attack insecure NFS exports and setuid configurations in order to gain a root shell on a Linux system.
This blog will walk through how to attack insecure Rsync configurations in order to gain a root shell on a Linux system.
In this blog I’ll share a process/script that can be used to identify online service providers used by a target company through domain validation tokens stored in DNS TXT records.
This blog will walk through how to find and exploit SQL Server global temporary table race conditions to gain unauthorized access to data and execute code.
This shows how to bypass SQL Server logon trigger restrictions by spoofing hostnames and application names using lesser known connection string properties.