Open in app

Sign In

Write

Sign In

Brandon Roldan
Brandon Roldan

516 Followers

Home

About

Nov 20, 2022

Proxying Network Traffic Without a Hostname

Introduction I was watching, liveoverflow’s tutorial series on game hacking. In part 9, he developed a proxy server to intercept the game traffic. https://www.youtube.com/watch?v=iApNzWZG-10 . But i noticed a problem with his approach. He knows that the game uses the hostname master.pwn3 and game.pwn3 to connect to the game. With that…

Hacking

4 min read

Proxying Network Traffic Without a Hostname
Proxying Network Traffic Without a Hostname
Hacking

4 min read


Jun 6, 2022

Behind the Bug: Password reset poisoning

Introduction In this writeup, i will be explaining what password reset poisoning is, and show examples on it on real life projects. Lets get started What is Password Reset Poisoning Password reset poisoning is a technique whereby an attacker manipulates a vulnerable website into generating a password reset link pointing to a domain under their control. …

Hacking

4 min read

Behind the Bug: Password reset poisoning
Behind the Bug: Password reset poisoning
Hacking

4 min read


Mar 2, 2022

IDOR in support.mozilla.org through Code Review

I was trying to improve my static analysis code, specifically django apps, so i decided to hack a random project in github. And i found kitsune. https://github.com/mozilla/kitsune Kitsune is made by mozilla and according to them, it is what powers the support.mozilla.org So i downloaded it, and tried to hack…

Bug Bounty

2 min read

IDOR in support.mozilla.org through Code Review
IDOR in support.mozilla.org through Code Review
Bug Bounty

2 min read


Feb 14, 2022

Bookwyrm Server Side Request Forgery

While reading the code of bookwyrm, i encounter this endpoint This endpoint calls the function views.upload_cover.

Django

2 min read

Bookwyrm Server Side Request Forgery
Bookwyrm Server Side Request Forgery
Django

2 min read


Feb 8, 2022

Hacking into school management systems. Reflected XSS To RCE

As a hacker, we are asked a million times before if we can hack into their school system and change their grades. So i decided to take it a little further and actually try to research on school management systems. I picked one of the most famous free school management…

Hacking

4 min read

Hacking into school management systems. Reflected XSS To RCE
Hacking into school management systems. Reflected XSS To RCE
Hacking

4 min read


Feb 7, 2022

Hacking and reverse engineering il2cpp games with ghidra

Last writeup, we talk about how to hack unity games compiled on mono. This time, we will be hacking unity games compiled in il2cpp. IL2CPP is a Unity3d technology for converting C# code to C++ code and from there native compilation for a particular platform. Unlike mono, it is harder…

Ghidra

4 min read

Hacking and reverse engineering il2cpp games with ghidra
Hacking and reverse engineering il2cpp games with ghidra
Ghidra

4 min read


Feb 5, 2022

Hacking .Net Games With DnSpy

Introduction Unlike native games that is made with c++/c, games made with c# are easier since c# is not compiled and the metadata are not completely lost. In this writeup, i will show you how to hack Unity Games compiled with mono, or any other games that is made with .net…

Hacking

3 min read

Hacking .Net Games With DnSpy
Hacking .Net Games With DnSpy
Hacking

3 min read


Published in System Weakness

·Jan 30, 2022

How To Get Started Hacking Django Based Applications

Django is a python based web framework. In this writeup, i will teach you how to analyze django based applications . For this writeup, i will be using wagtail for examples. …

Hacking

7 min read

How to get started hacking django applications
How to get started hacking django applications
Hacking

7 min read


Jan 9, 2022

2FA bypass by reading the documentation

This is a fairly simple and short writeup, but i think is worth sharing, so lets get started. This program is private so i will be redacting most of the information from it. Like any other website, my program has a 2fa implemented, and their implementation is pretty good too…

Bug Bounty

2 min read

2FA bypass by reading the documentation
2FA bypass by reading the documentation
Bug Bounty

2 min read


Dec 26, 2021

Universal Esp for Il2cpp Unity Games

In this writeup i will be showing you how to make an esp on any unity games that is il2cpp compiled. This writeup is inspired by https://github.com/ethanedits/Universal-Unity-ESP . Unity can be compiled with either il2cpp or mono. In mono, we can do mono injection for making our hacks, however, you…

Game Hacking

5 min read

Universal Esp for Il2cpp Unity Games
Universal Esp for Il2cpp Unity Games
Game Hacking

5 min read

Brandon Roldan

Brandon Roldan

516 Followers
Following
  • Alexis Rodriguez

    Alexis Rodriguez

  • 0xPredator

    0xPredator

  • Chenny Ren

    Chenny Ren

  • 0xEchidonut

    0xEchidonut

  • Alyssa Herrera

    Alyssa Herrera

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech