An example proof of concept to show bad programming practice in Node.js that allows user-supplied data to be executed on the server.
A real-world example of how an XSS in the administration portal of a WordPress instance can lead to an RCE by uploading a webshell using the XSS.
A simple Python script that can be used to brute force the password of a password-protected PDF file.
Enabling the ability to use psexec over the network when credentials are available by toggling a value in the Windows registry.
A reusable function that can be used to obtain the username given a Process ID on Windows. Code is in VB.NET.
Small piece of code written in .NET to create a binary that, when run, will mute the speaker. Uses Windows API (SendMessage).
A simple client-server Proof of Concept to show how websockets can be used to transfer and execute commands.
Creating an auto-submit (body onload) form when an input button called submit exists. Very common CSRF exploit PoC.
A quick video post showing the XSPA/SSRF bug found with Yahoo! Developer Network. This bug allowed for network port scanning and banner grabbing.
The first XSPA/SSRF bug that led to the discovery of this issue in other applications and eventually a paper that was presented at multiple conferences.