- A quick walkthrough of how to crack hashed passwords with John the Ripper
- Password cracking wordlists reprise
- Crash course in Elasticsearch Logstash and Kibana log aggregation
- Fuzzing network services with Fuzzotron and Radamsa modified pcap testcases
- CVE-2019-15947 Bitcoin Core bitcoin-qt crash dumps contain wallets
Site wide release of my semi-private exploit archive
What is in this dump?
All of these exploits are originally coded by oxagast / Marshall Whittaker. Some of them were already known vulnerabilities
that I took and re-evaluated then wrote an exploit for them that I thought was more functional or logical in some way.
Some of these vulnerabiltiies are partial PoC exploits that will make something crash, but not actually get
root. Some will straight drop you at a root shell. None of this code should ever under any circumstances be run in a
production environment, or on a system that you do not have express permission to run a penetration test on.
Word of warning: some of this code breaks things. Read it before running it.
Also some other partials that I am proud of but were not assigned a CVE.
There is also a GitHub repo that contains all of the above exploits and more.
Email me at firstname.lastname@example.org for any questions, comments, or if you have an idea for an interesting target you may want to collaborate on!