Kamil Vavra | @vavkamil

Offensive website security | Bug bounty | Ethical hacking

Blog

Mostly posts about offensive website security

All-in-One WP Migration <=7.14 Arbitrary Backup Download

A long time ago, I made a stupid decision to use WordPress for this blog about offensive website security. Since then, I learned a lot. I will be releasing a plugin to defend against XML-RPC attacks and a guide on how to generate a static HTML site in the upcoming weeks. But today I would like to share an interesting vulnerability that I...

Hack-back: the tale of embarrassing phishing campaign

UPDATE: 17th January 2020: Another landing page disabled. UPDATE: 15th January 2020: I posted this to reddit.com/r/hacking and it seems like the mods didn't like it, they consider my blog post as a self-promotion and spam. Thank you! You have been permanently banned from participating in r/hacking. You have been permanently banned from participating in r/ActLikeYouBelong. You have been permanently banned from participating...

An introduction to the Router Exploit Kits

OWASP Czech Chapter Meeting, Dec 11, 2019 ~ Brno /assets/img/2019/12/an-introduction-to-the-router-exploit-kits.pdf https://vimeo.com/383300304 OWASP Czech Chapter meeting

Bug Bounty ~ Work Smarter, Not Harder

https://twitter.com/vavkamil/status/1126948609050779650 /assets/img/2019/05/ctjb_2019_bugbounty.pdf

Understanding the full potential of sqlmap during bug bounty hunting

A Swiss army knife for SQL injection attacks, sqlmap was first developed in 2006 by Daniele Bellucci and later maintained by Bernardo Damele and Miroslav Stampar. Its early development took off thanks to the OWASP Spring of Code 2007, and it first received serious media coverage during the Black Hat Europe 2009 conference. If you are interested in more dates...

How to bypass Android certificate pinning and intercept SSL traffic

Over the last few months, I had quite some luck finding IDOR vulnerabilities in the mobile API of Android applications. Nowadays most of the apps are obfuscated and use certificate pinning to prevent MiTMs. If you are late in the game or want to shift your bug bounty hunting on Android apps, there are awesome tools that can help you catch...

Serverless Blind XSS hunter with Cloudflare Workers

If you are not familiar with XSS Hunter by @IAmMandatory, it's an awesome tool for penetration testers and bug bounty hunters that makes it easy to hunt for blind XSS vulnerabilities. It's open-source with a ton of features. You can use the SaaS version, deploy it yourself or even go serverless with Refinery! You should absolutely give it a try :) I...

Content on this site is licensed under a Creative Commons Attribution 4.0 International License
🄯 2019‐2020 - @vavkamil - Open-source Github pages - Powered by Jekyll & The Hacker theme - Subscribe via RSS