Skip to content

b4sh0xf offsec notes

👤 about me

b4sh0xf offsec notes

🏠 home
👤 about me 👤 about me
Table of contents
👩‍💻 programming notes
👩‍💻 programming notes
- php
- javascript
- java
- kotlin
- c/c++
- asp.net
🐱‍👤 pentesting notes
🐱‍👤 pentesting notes
- web exploitation
  web exploitation
  - xss
  - sqli
  - ssti
    ssti
    
    jinja2
    
    spring
    
    erb
    
    pug.js
    
    ejs
    
    twig
  - lfi/rfi
  - insecure deserialization
    insecure deserialization
    
    php
    
    python
    
    java
    
    asp.net
    
    phar deserialization
  - http request smuggling
  - prototype pollution
  - type confusion
  - race condition
  - business logic
  - waf bypass
  - web cache poisoning (PT-BR)
  - off-by-slash
  - zip-slip
- api exploitation
  api exploitation
  - bola
  - bopla
  - bfla
  - sspp
  - json injection
  - improper inventory management
  - ssrf
  - jwt hacking
- mobile exploitation
  mobile exploitation
  - android
    android
    
    os fundamentals
    
    apps fundamentals
    
    bypassing
    bypassing
    
    root detection
    
    frida detection
    
    ssl pinning
    
    anti-emulator
    
    common vulnerabilities
    common vulnerabilities
    
    insecure data storage
    
    deeplinks
    
    webviews
    
    ipc
- cloud exploitation
  cloud exploitation
  - about cloud computing
  - aws
    aws
    
    introduction
    
    interacting with api-cli
    
    lambda functions and api gw
    
    rds
    
    ssrf2aws
  - docker
    docker
    
    about docker
    
    interacting with docker cli and api
    
    docker compose
  - kubernetes
    kubernetes
    
    about kubernetes
- active directory exploitation
  active directory exploitation
  - introduction to AD
  - kerberos
  - adcs
  - ldap
🕵️‍♂️ appsec notes
🕵️‍♂️ appsec notes
✍ writeups
✍ writeups
- hacking club
  hacking club
  - writeup velorum
  - writeup console
  - writeups carnavown
    writeups carnavown
    
    Imetrics
    
    Iapi
- hack the box
  hack the box
  - celestial scribe
- vulnlab
  vulnlab
  - writeup shibuya
- bug forge
  bug forge
🧩 tips n tricks
🧩 tips n tricks
- bypassing client side encryption (PT-BR)
- privesc
  privesc
  - linux
  - windows
- docker escape
- kiosk escape
- php sandbox escape
- python sandbox escape
- cheatsheets
  cheatsheets
- pentesting wordpress
- pentesting laravel
- reverse engineering
- format strings
- buffer overflow
- ret2libc
- rop

about me

whoami?

hey yo, i’m gustavo, a offensive security student since 14 years old and undergraduate in computer engineering at CIn-UFPE. during the last few years, i’ve intensified my note-taking in offensive security and started to play more and more CTF’s, so, i created this website to share what i’ve learned (and still learning!)

certifications

CWHI (Crowsec Web Hacking Initial)
CRTA (CyberWarfare Red Team Analyst)
AD-RTS (Active Directory Red Team Specialist)
CMPen-Android (Certified Mobile Pentester Android)

ctf profiles

skills

web/api pentesting
mobile pentesting
infrastructure
cloud pentesting
security code review