PwnDiary

Are you really familiar with xxd? pwndiary.com/write-ups/hitc… — by @umutoztunc

Sometimes your own functions can be used against you! pwndiary.com/write-ups/redp… — by @umutoztunc

Reverse engineering is fun, isn't it? pwndiary.com/write-ups/cbm-… — by @umutoztunc

Your password might be long and contain letters, digits, and symbols. However, it doesn't mean that it is impossible to crack! pwndiary.com/write-ups/spam… — by @umutoztunc

Never underestimate the power of a one-byte! pwndiary.com/write-ups/tuct… — by @umutoztunc

Sometimes you need to combine vulnerabilities to exploit a binary file. pwndiary.com/write-ups/asis… — by @umutoztunc

Obfuscation makes neither your .NET application nor PowerShell script invincible! pwndiary.com/write-ups/kasp… — by @umutoztunc

Did you know that you can write a shellcode with doubles? pwndiary.com/write-ups/kasp… — by @umutoztunc

PHP can serialize and deserialize objects. Isn't it great!? pwndiary.com/write-ups/kasp… — by @umutoztunc

If you don't check the boundaries well, a single byte can destroy everything! pwndiary.com/write-ups/p-w-… — by @umutoztunc

Even if it is not possible to control the stack and the registers, it is still possible to get a shell! pwndiary.com/write-ups/p-w-… — by @umutoztunc

Even babies know how to leak addresses using GOT and PLT sections. pwndiary.com/write-ups/p-w-… — by @umutoztunc

Did you assume using AQL would make your queries injection-free? pwndiary.com/write-ups/p-w-… — by @umutoztunc

PHP, JavaScript, or Python do not make it secure for you. You need to make it secure by yourself! pwndiary.com/write-ups/p-w-… — by @umutoztunc

Who needs a debugger... pwndiary.com/write-ups/bsid… — by @umutoztunc

Not all binaries start at main! pwndiary.com/write-ups/bsid… — by @umutoztunc

From the look of the flag, the author didn't expect people to get a remote shell on the server! pwndiary.com/write-ups/bsid… — by @umutoztunc

Things may not always be what they seem. pwndiary.com/write-ups/hitc… — by @umutoztunc

One bit is enough to make a software exploitable! pwndiary.com/write-ups/hack… — by @umutoztunc

Good for newcomers to learn and practice. pwndiary.com/write-ups/hack… — by @umutoztunc