lanjelot

New blog post: plORMbing your Django ORM - Part one of a series about ORM Leak vulnerabilities and attacking the Django ORM. elttam.com/blog/plormbing…

Sebastien Macke (@Lanjelot) showed @CrikeyCon the very magical tool - Talkback ( elttam.com/blog/talkback-… ) - if you are drowning in InfoSec news, or floating down Cyber Creek in a barbwire canoe - this may be your life raft! Very kool!

Droppy is excited for lanjelot up on stage where he'll share his tips and tricks. Join us 23 March for Keeping up with the Pwnses - A walk-through of Talkback. events.humanitix.com/crikeycon-ix

New blog post: Keeping up with the Pwnses, an introduction to Talkback elttam.com/blog/talkback-…

I will be impressed by ChatGPT when it can do my tax return for me.

Just released patator v1.0 github.com/lanjelot/patat…

Today we're releasing a public beta of Talkback, a smart infosec resource aggregator to help you keep up with news and research. Please visit talkback.sh and give it a try! We'll be releasing new features and improvements over time.

During a security assessement on a WordPress website, a ninja found a vulnerability in the Aryo Activity Log plugin and used it to exfiltrate the database. Read the security advisory and install the latest version v2.7.0: synacktiv.com/sites/default/…

@LiveOverflow Pentesting just means security testing. It doesn't say what the rules of engagement are: blackbox vs whitebox, scope (external vs internal network, vs application), etc. What you do is called whitebox application pentesting

What do you think I do, when I say: "I work as a pentester"? What's the difference between pentesting and pentesting!? New Video 📹: youtube.com/watch?v=sXThug…

@_hugsy_ What's wrong with dwm? ;)

Oracle of Blaire was definitely a cool chall in @angstromctf, worked with @lanjelot (also member of @thegooniesctf). Here's our writeup: thegoonies.github.io/2021/04/08/ang…

Shakti CTF 2021 - Art Gallery 2 [web] by @lanjelot via @thegooniesctf: thegoonies.github.io/2021/04/04/sha…

My write-up for AgentTesterV2 (web) thegoonies.github.io/2021/03/15/nah… #NahamConCTF thx @NahamSec @_johnhammond @jorge_ctf and everyone else involved for this sweet CTF

@fredraynal Or maybe it's always been about making money? But that would be crazy though right? Everyone knows govs have our best interests at heart.

I am ashamed and I don’t understand... Are Western governments ignorant about what is happening now and will strike back tomorrow?

DiceGang CTF 2021 - Dice is you [rev] by @DaniloNC via @thegooniesctf: thegoonies.github.io/2021/02/08/dic…

#Podcast #Cybersécurité Épisode #293 : Interview de @_r3no_ co-fondateur de @Synacktiv nolimitsecu.fr/interview-rena…

@mztropics @CrowdStrike thanks heaps for your dactyl's writeup, i left some comments on gh

Had lots of fun with @CrowdStrike's #AdversaryQuest. Here are my timings and writeups for a few selected tasks github.com/Sin42/writeups…

Pleased to announce release 2021.01 "Plaintive Manager" of GEF! This release has a ton of bug fixes, a few new features, and a good set of QoL improvements. Additionally, it has changes from the largest cohort of new contributors yet! #gdb #pwning #CTF github.com/hugsy/gef/rele…

As hackers, we've all noticed that human error pattern in computers right? Though a technology 100% created by humans. So could a hacker please explain to me how can we trust any vaccine to be bug free and why would you get the shot when there's a chance things could go wrong?

@intigriti whoami