Reinventing the low-level network tools would never be complete without famous Wireshark and I’m going to fill this gap today. How to perform network analysis with scapy? Before we begin, I’d like to remind you that you can sign up to the newsletter to get info about latest post and support me on Patreon. The […]
In the last post I showed you how to reproduce traceroute’s behavior. Today I’ll show how to do the same with another famous tool – Nmap and specifically its half-open port scanning using Python with Scapy library. This has some great benefits because apart from learning something and having fun, you can extend the desired […]
Hi. Welcome to the first post in the series, where I am going to show you the capabilities of Python in terms of building your own tools. I have showed those examples on two meetups, but I feel they are worth sharing here for those of you who did not have an opportunity to see […]
Or how Python C module can boost your code Python is quite a powerful language, however, it has its limitations like GIL. On the other hand this flexibility lets you go around a lot of those limitations with some nice hacks. Today I’ll show you how to write your own Python C module. As always, […]
I have recently written an article about how to use Celery in Django projects. Celery is a message queue in Python. I though “OK, cool, now let’s take a look at how it can be implemented from scratch”. Concept of Message Queue The project has 3 parts: Client, which is sending tasks, Broker, which is […]
This is a Pentester Academy challenge writeup. It required to exploit a CVE-2017-5941 vulnerability in NodeJS server application during deserialization to trigger an RCE. Warning this is a writeup so it contains spoilers. I am changing it a little bit in order to save you from revealing everything. Application Server consisted of two endpoints: / […]
It’s time for summary of the first 6 months of running the blog and for making New Year’s resolutions. Successes and failures of 2019 The biggest success was starting the blog itself. After a few weeks I made a post on my plans for the upcoming 6 months. Initially I thought about posting every week, […]
Basic authentication is one of the simples methods of providing credentials to access resources. Today I’m going to take a look on it and provide you with an example of a web page utilizing this mechanism written with PHP and Apache. How does basic authentication work? On request to a protected resource, the server sends […]
Or how to look cooler with htop Htop is a popular command-line tools for monitoring processes. It has some features that seem to be rarely used but could help you with process management or at least make your terminal look cooler. Help If you’ve ever wondered what do those weird colors on CPU and memory […]
Since the very beginning of the existence of this service I was sure that people visiting me would sooner or later start attacking me. Maybe not with helicopters like in image but in a more intangible way. I’ve also said that I’m OK with it as long as responsible disclosure is used and I’m even […]