Pentesting for Attack-type CTFs
Pentesting Methodology Scripts Tools Practice Links Topics Searchsploit searchsploit [needle] searchsploit -p [ID] # full path searchsploit -m [ID] # mirror searchsploit --nmap [fi...
Windows Setup Honestly, just use FLARE and SIFT for forensic analysis. Here is a list of things I used to install: OllyDBG x32dbg x64dbg Ghidra Visual Studio (shortcut developer comman...
Ubuntu 20.04 Setup sudo apt upgrade && sudo apt update sudo dpkg --add-architecture i386 sudo apt-get install -y build-essential ninja-build qemu gdb gdb-multiarch gcc gcc-multilib ...
Misc Plot GPS coordinates Upgrade shell on remote target: python -c 'import pty; pty.spawn("/bin/bash")' If you are given a VM look at recently run commands: f...
main() General Resources CyberChef Zardus Hammond Zaratec r/hacking SecLists Command not found Competitions CTFtime Cyber Skyline Pico Presidents Cup (January) ...
Squashing Bugs Introduction There are several topics related to V8 security that I have not yet discussed. This post will cover some areas that are related to bug hunting, such as security mechan...
JavaScript Engine Exploitation Primitives Introduction In my last post, I talked about JavaScript Objects and how they’re stored on the heap. Now I’m going to talk about exploitation primitives t...
Exploiting Bug 1051017 If you haven’t checked out my previous article on this bug, you can read that first here. I wrote this on commit 73f88b5f69077ef33169361f884f31872a6d56ac for an Ubuntu 20.04...
JavaScript Variables’ Representation in Memory Introduction So far in this series we have covered a significant number of topics related to understanding the V8 code. The last area we need to exp...
Turbofan Introduction In this long-awaited post we will cover V8’s compiler. We are going to look at the general design, its implementation in code, debugging tools, and more. As I have mentioned...