Introduction The nOAuth vulnerability was originally discovered by Descope security team and impacts Microsoft Azure AD applications configured to use OAuth. Essentially the vulnerability is a ...
Obfuscating Rust Binaries using LLVM Obfuscator (OLLVM)
UPDATE - 30 November 2023 I have made available a Docker image containing all the required steps to build a Rust toolchain using OLLVM. Currently it is targeting both x86_64-unknown-linux-gnu an...
Real World CTF 2023 - Ferris Proxy - Reverse Engineering
Introduction During RealWorldCTF 2022 there was a RE challenge named “Ferris Proxy”. The challenge includes 2 executables (client and server) and a TCP packet capture file (pcap) that contains d...
Building a Remote Class Loader in Java
Introduction Inspired by some tools (rebeyond Behinder, AntSword) and CTF challenges, I decided to make a project that facilitates the loading of Java classes into remote computers (or targets)....