Search

Methodology
Cheat Sheets
Walk-Through
Blog
About
- GitHub
- LinkedIn

Month: February 2020

Exploit: XSS filename injection in Dropzone.js
call_google_search_api.py
cmd_loop.sh
Browser Storage (Local/Session/IndexedDB)
Web Messaging / Cross Document Messaging
Cross Site Flashing
Client-Side Resource Manipulation
JavaScript Execution
Application Mis-use
Circumvention of Work Flows
Number of Times a Function Can be Used Limits
Process Timing
Integrity Checks
Ability to Forge Requests
Business Logic Data Validation
Weak Encryption
Sensitive Information Sent via Unencrypted Channels
HTTP Incoming Requests
HTTP Response Splitting / Web Cache Poisoning
Incubated vulnerability
IMAP / SMTP Injection
Social Media Enumeration
ssh_bruteforce.sh
Search GitHub Repositories
Search Technical Information
Publicly Available Information
Privilege Escalation on Unix
Placeholder images for pentests
Vulnerable Targets
Exploit 47995: Sudo 1.8.25p – Buffer Overflow (CVE-2019-18634)
URL Encoded Attacks

Post Categories

Categories

Favorite links

Bypassing URL/Domain/IP
Scripts & Files
Data Exfiltration
File Transfer
Missing Security Controls Calculator
Password Attacks
Privesc: Unix | Windows
Post-Exploit: Unix | Windows
OS: Unix | Windows

External Tools & Resources

AsciiFlow
CSbyGB
CVSS Calculator: FIRST | NVD
CyberChef
Exploit Database
HackTricks
HighOn.Coffee
ipify API (My IP address, text format)
Is this a public IP?
OWASP Testing Guide
Search Vulnerability Database (NVD)
SecLists
TunnelsUp
Webhook.site
Wikimandine

Infosec News

The Hacker News
Krebs on Security
SC Magazine
Infosec Reactions
Cyber Security Hub

Lisandre.com contains notes on the steps and tools used during pentesting, cheat sheets for quick reference on tools, languages, operating systems, ports, and walk-through guides of Capture the Flag (CTF) challenges.

Privacy Policy
Sitemap

Sponsored