Analysis of XXE 0days in PHPSpreadsheet < 3.4.0
We deep-dive into how it has been possible to find two XXE 0day vulnerabilities in PHPSPreadsheet, bypassing the actual defences and subsequent fixes.
Analysis of CVE-2022-23093 (FreeBSD Ping Stack Overflow)
We are analyzing CVE-2022-23093, step by step, to eventually answer the question: is it possible to get RCE, or not?
SQLMap.sh – DNS Exfiltration made easy
SQLMap.sh is a wrapper for SQLMap that allows using Interact.sh as a DNS server to exfiltrate data without any configuration.