PyJFuzz to the next level

Focused JSON fuzzing with BurpSuite and PyJFuzz - JSON vulnerabilities to the next level

October 20, 2016

What is PyJFuzz

In the previous post I wrote about PyJFuzz, a project of mine focused on JSON fuzzing; it was developed entirely in Python and is based on the radamsa general-purpose fuzzer. As I promised, in this post I will talk about real-life fuzzing using PyJFuzz and Burp Suite. PyJFuzz is a modular, easy-to-use, easy-to-extend and easy-to-integrate JSON fuzzer; with it you will be able to fuzz almost everything JSON-based with little effort.

A bit 'bout fuzzing

Fuzzing JSON using radamsa

October 13, 2016

JSON this stranger

Today JSON is the most used method to serialize objects and/or properties in order to exchange them between applications. In fact, all the biggest companies use it: Facebook, Google, Twitter and many more make use of REST API servers. REST API servers are JSON/XML-based endpoint servers used to provide additional functionality to the user experience.

When permission goes wild

A tale of weak permission and bad practices

September 26, 2016

WordPress Penetration Test

Today a friend of mine told me:

I don't know how it is possible, I've a fully patched WordPress site without a particular or malicious plugin, but someone keeps hacking me over and over!

Since he's a friend of mine, I told him to let me take a look so I could try to figure out what was going wrong with the server setup! He was happy enough to find the root cause of so many breaches, so he gave me access to their test server with a limited account and a PHP shell (keep in mind PHP was chrooted!).

Windows privilege escalation made easy

Automatic script to perform security checks for common Windows misconfigurations.

September 26, 2016


User privileges are a daily challenge in today's hacking: sometimes, when a malicious user breaks into your system, they also try to escalate their permissions up to the Administrator account. There are many ways to do it; some are really hard to perform, such as 0days, while others are pretty trivial, such as misconfigurations, weak permissions, elevated processes, pipelines and more. Performing all those tasks on a system with many packages installed would be a real pain in the ass; here's where my script comes in to help!

Bludit CSRF Remote Command Execution

From CSRF to server takeover

September 23, 2016

Is CSRF so critical?

Yesterday, while I was auditing my own blog in order to fix all possible bugs, I discovered a trivial but effective vulnerability affecting the latest version of Bludit CMS. The bug was a CSRF caused by the absence of a token to validate some requests. Usually this kind of vulnerability is considered "not critical" because of its nature, since user interaction is required. CSRF may lead to different vulnerabilities, such as:

  • Cross Site Scripting
  • Internal File Disclosure
  • Information Leak
  • SQL Injection

Nibble Blog IP spoofing attack

How insecure are headers?

September 22, 2016

How does it happen?

I was surfing the net, looking for a responsive / easy-to-use CMS framework in order to bring my blog to life! With a bit of luck I found a CMS called NibbleBlog; it was XML-based (nice feature!), lightweight and just perfect for starting a blog!