Active Directory: Lateral Movement via PSRemoting
TL;DR The term “Lateral movement” refers to the set of techniques that allows an attacker to acquire further access into a network, after gaining initial access. The attacker, after gaining ac...
Welcome! This blog is a collection of experiments, PoCs, writeups, and tools focused on Windows internals, red teaming, evasion techniques, and low-level exploration. Whether you're into user-mode/kernel-mode malware techniques, offensive tradecraft, or some light reverse engineering — you're in the right place.
One of the emerging security issues affecting Object Oriented Programming (OOP) Languages over the last few years was “Insecure Deserialization”. A wide range of literature is already available on ...
Ted - Authenticated Local File Inclusion
Within this walkthrough, I will skip any part not related to the web application exploitation, but for the sake of consistency I would briefly explain what (an...
Raven2 - Remote Command Execution
Intro Within this walkthrough, I will skip any part not related to the web application exploitation, but for the sake of consistency I would briefly explain what (an...
Pipe - Insecure Deserialization
Within this walkthrough, I will skip any part not related to the web application exploitation, but for the sake of consistency I would briefly explain what (and why) I ...
Homeless - Authentication Bypass through MD5 Collision Attack
Within this walkthrough, I will skip any part not related to the web application exploitation, but for the sake of consistency I would bri...
Flick2 - Remote Command Execution
Within this walkthrough, I will skip any part not related to the web application exploitation, but for the sake of consistency I would briefly explain what (and why) ...
Preface I hope that this post would be beneficial to anyone preparing for OSWE. It’s not an AWAE review, nor an OSWE Exam review. It’s my personal answer to the question: Is it possible to prep...