Author: HackerOnTwowheels

Content Type Forcing – The XSS you may have missed.

Posted on April 27, 2020July 13, 2020 by HackerOnTwowheels

~#: Introduction It is pretty well known that some Cross Site Scripting vulnerabilities can be browser depended. For example in

Continue reading

Certified Red Team Operator – Review

Posted on March 10, 2020July 13, 2020 by HackerOnTwowheels

What is #RTO? Red Team Operator is a new course offered by Zero Point Security created by Daniel Duggan, AKA

Continue reading

Exploiting File Uploads Pt. 2 – A Tale of a $3k worth RCE.

Posted on September 13, 2019July 13, 2020 by HackerOnTwowheels

#TL;DR; In this post I show how I was able to find a Remote Code Execution vulnerability on a private

Continue reading

Exploiting File Uploads Pt. 1 – MIME Sniffing to Stored XSS #bugbounty

Posted on May 30, 2019July 13, 2020 by HackerOnTwowheels

Some tips and tricks on exploiting Image File Uploads to achieve Stored XSS.

Continue reading

Offensive Security Certifications Review

Posted on May 14, 2019July 13, 2020 by HackerOnTwowheels

As you may have read in my about page, I am OSCP and OSCE. I took OSCP back in 2015,

Continue reading