Pasquale
New Content!
Hello! If you happen to find this page, all content has been moved and will be published to my new site going forward.
1 min read · Mar 11, 2022

Pasquale
Timing-Based Username Enumeration: What’s a fix versus mitigation?
For web-based applications, Timing-based Username Enumeration is a great find. For testers it’s low-hanging fruit and a great way to…
4 min read · Jan 7, 2022

Pasquale
Mindset for hacking GraphQL Applications
I’ve tried to summarize a lot of information from HackTricks, YouTube, HTB write-ups, disclosed vulnerabilities, and the GraphQL…
3 min read · Nov 23, 2021

Pasquale
Shell Games — A closer look at the behavior of different msfvenom shells
During a recent engagement I had the chance to test various payloads against a few different endpoint detection tools. Think of anti-virus…
4 min read · Oct 13, 2021

Pasquale
Leveraging Postman Collections for Offensive Webapp Testing
I was recently in an engagement with a web application that was interconnected with about half a dozen services while offering up a few…
4 min read · Aug 13, 2021

Pasquale
How to configure Android Studio with BurpSuite
Let’s say you’ve been assigned some mobile work. You’re a pentester, mobile developer, or just a tinkerer who needs to be able to see…
5 min read · Jun 11, 2021

Pasquale
A week without “why” and how it changed my thinking
Truth be told, and if I’m being a bit candid, I really dislike the word “why”. Now, if you find yourself asking inside your head, “but…
4 min read · Jun 2, 2021

Pasquale
The mental tweak that helped me on my OSCP journey
In a previous post, I highlighted my overall OSCP experience. The high-level ideas around education, studying, and exam attempts are there…
3 min read · Mar 8, 2021

Pasquale
How to set up (and secure) a Samba media server for Chromecast usage (in 20 minutes or less!)
Over the last few months, my primary focus has been hacking. As an attacker, seeing file-sharing systems like Samba, FTP, and NFS get me…
5 min read · Feb 24, 2021

Pasquale
Second Serving of the OSCP - My Exam Experience(s)
For the uninitiated, the Offensive Security Certified Professional (OSCP) is an ethical hacking certification that demonstrates a…
5 min read · Feb 22, 2021