IDS & WAF Evasion using HTTP Parameter Pollution

Introduction Didn't really spot any tutorials on HPP around here so I decided to throw some information on the subject. Parameter pollution occurs when there are multiple POST/GET parameters in the...

Read More

Remote Code Execution Through PHP Wrappers

Since I've not seen some of these methods covered around here (except for php://filter and php://input), I decided to put up some material on 'em. Basically, they are more than self-explanatory...

Read More

eLSB Stegano+ Asymmetric Backdoors in Kleptography

Been quite some time since I last posted something stego oriented so here it goes. In this one I'm gonna explain a bit of in-depth steganography (as a matter of fact LSB shifting is considered a novice...

Read More

DNS Rebinding/PAT/NAT/NAT Pinning & Overloading

I'd lie if I say I find it awkward that this hasn't been discussed here before. I'll go through the basic explanations so that you may know what we're gonna talk about. Basically this method enables us...

Read More