The Magic of SSH Tunnelling and ProxyJump

There are many cases where a system administrator or user needs to access a resource or system that resides on a remote LAN, often behind a firewall such that the service cannot be accessed directly. The usual solution to this scenario is to set up a VPN. VPNs are great …

Backdooring Installation ISOs

Recently, for purely academic reasons, I had a need to create a script that would allow me to easily backdoor installation ISOs, the kind of ISOs you would find for UNIX/Linux-based distributions. I wanted something that could arbitrarily install any backdoor and evade detection, which is already easy enough …

Cerberus XSS

I recently found another XSS vulnerability while experimenting with a service that I have previously used. Cerberus is an anti-theft solution for Android, and provides many more features compared to the standard Android Device Manager. Once the Cerberus application is installed and configured on your Android device, you can access …

PacketFence XSS

My apologies for no pictures- I love pictures, but this was a long time ago and I currently don't have any.

You know you're doomed when you can't just use software without looking for security vulnerabilities. Looking for XSS vulnerabilities isn't usually too exciting, so I definitely enjoy the opportunity …