My place on the web

The following article attempts to address the topic of creating security procedures. It can be used in your company in its entirety or as a model for further development. The safety procedure should be a kind of instruction where reading it will be carried out as a handle after the… Continue reading →

One of the important elements of sleep hygiene is to fit in with the hours of its duration in the peri-day cycle of the sun – fall asleep when it is dark, wake up with the sunrise. Unfortunately, nowadays artificial lighting is able to strongly disturb this state of equilibrium…. Continue reading →

The standard in today's world is the use of communication on websites via HTTPS, and its absence is stigmatized by modern browsers. Qualys can use the service to verify that your server is using unsafe encryption algorithms. As a result of the scan, we will obtain a report assessing the… Continue reading →

Some content on websites is seemingly hidden – that is, without their address we are not able to get to them. Often these are some remnants still from the stage of application development – the developer had to remove them later, but forgot ̄_(ツ)_/ ̄ . With the help of… Continue reading →

XXEinjector is a tool that automates the process of exploiting a security error consisting in the ability to inject external entities into xml files (XML eXternal Entity). It allows, among other things, downloading and uploading files directly and using an intermediary server, enumering files and directories, or enumering un filtred… Continue reading →

Have you heard of data leaks from AWS S3 backets? The same leaks can be found in AliYun OSS backets! Wojtek created the first Aliyun OSS security checker tool, which is available on his githubie: AliYun

Although the design of Prussia undoubtedly has a large number of advantages, there will also be disadvantages in it. One of them is the lack of own lighting. As a night printer, I decided to eliminate this problem by mounting one using LED tape. For my project I used: printed… Continue reading →

Until recently, I knew almost nothing about the existence and operation of mechanical watches. Infected by my brother's passion for this subject, I decided to study the knowledge in this field. That's how I found a very substantive channel about watches by Krzyśk Humeniuk – TikTalk It went on fast…. Continue reading →

As part of my thesis, I had the opportunity to conduct a full penetration test of a commercial web application written using ASP.NET. The result of my research is a report, which I decided to share in a "shaded" form with a wider range of people. Materials of this type… Continue reading →

An experienced pentester, he knows that a well-written report is characterized by the fact that after its presentation the client does not have any additional questions. To do this, it should contain at least four basic sections with information for different audiences. Section 1: General information and statistics While a… Continue reading →