Skip to content

Ghostlulz

Hack the planet
  • Home
  • Blog
  • Books
    • Bug Bounty Playbook – P1
    • Bug Bounty Playbook – P2
    • Cloud Hacking Playbook
  • About Us

Blog

Binary Exploitation – Ret2LibC

August 15, 2023 ghostlulz

Introduction Return-to-libc AKA Ret2Libc is a form of buffer overflow attack that bypasses stack execution protection mechanisms, such as the…

Continue Reading →

Filed under: binary exploits, buffer oveflow, RCE

Cloud Hacking – AWS Elastic BeanStalk

August 9, 2023 ghostlulz

Introduction AWS Elastic Beanstalk(EB) is an easy-to-use service for deploying and scaling web applications and services developed with Java, .…

Continue Reading →

Powershell AMSI Bypass

August 8, 2023 ghostlulz

Introduction When powershell was first released it was immediately abused by attackers so to help defenders Microsoft came out with…

Continue Reading →

Prototype Pollution

April 15, 2022 ghostlulz

Introduction When people hear javascript vulnerabilities most people think of cross site scripting(XSS). However, there are other types of vulnerabilities…

Continue Reading →

Cypher Injection (Neo4j) Graph Databases

April 14, 2022 ghostlulz

Introduction You have probably heard of sql injection which impacts relational databases and you may have heard of nosql injection(https://ghostlulz.com/nosql-injection/)…

Continue Reading →

Filed under: cypher injection

Host header injection

January 18, 2022 ghostlulz

Introduction Host header injection is a web application attack where the attacker provides a false Host header to the web…

Continue Reading →

NoSQL Injection

January 14, 2022 ghostlulz

Introduction I’m sure most of you have heard of SQL injection but what about NoSQL injection? SQL injection is in…

Continue Reading →

Bug Bounty Automation Framework

July 18, 2020 ghostlulz 6 Comments

Introduction As some of you may know I own a company called Offensive AI http://offensiveai.com/ . Our mission is to…

Continue Reading →

Horizontal domain correlation

June 14, 2020 ghostlulz

Slack Group Before we get started I have started a slack group dedicated to hacking. We welcome everyone from beginner…

Continue Reading →

AngularJS Client Side Template Injection (XSS)

February 21, 2020 ghostlulz

Slack Group Before we get started I have started a slack group dedicated to hacking. We welcome everyone from beginner…

Continue Reading →

Filed under: angular, angularjs, client side template injection, xss

Post navigation

Page 1 of 5
1 2 … 5 Next →
Copyright © 2023 Ghostlulz