Home Acknowledgements Hacking Events Public Profiles Background education Projects Publications Resources Work Experience Volunteer

Miguel Santareno

Publications:

OSINT Dojo - OSINT challenge week 10/18/2021 - Darknet Favicon Search
OSINT Dojo - OSINT challenge week 09/06/2021 - cryptowallet
System Error Reveals SQL Information in DoD subdomain
Local File Inclusion in multiple subdomains of the Ministry of Defense of Portugal
Padding Oracle ms10-070 in the a DoD website
Unencrypted __VIEWSTATE parameter in a DoD website
Cross Site Request Forgery in auth in https://auth.ratelimited.me/
POST XSS in https://www.khanacademy.org.tr/ via page_search_query parameter
SharePoint exposed web services in mtn group subdomain
Information Disclosure FrontPage Configuration Information /_vti_inf.html in https://www.mtn.co.za/
Information Disclosure Microsoft IIS Server service.cnf in a mtn website
Cross Site Script angular payloads
Google Dorks to find open redirects
List off basic Cross site script playloads
Payloads for all type off web attacks
WordPress basic auditing
HackTheBox - shocker
HacktheBox - Mirai
tryhackme - inclusion
tryhackme - sudo vulns bypass CVE-2019-14287
tryhackme - heartbleed CVE-2014-0160
tryhackme - blue (EternalBlue) CVE-2017-0143
OSINT Dojo Student Badge quiz - 02 Instaquiz by SECTOR035
OSINT Dojo Ronin Badge Quiz - 03 FacebookFind by SECTOR035
OSINT Dojo Student Badge - Reverse Search Whois for email
OSINT Dojo Ronin Badge - Reverse Image Search technique
OSINT Dojo Samurai Badge - OSINTDojo Sakura TryHackMe Room
OSINT Dojo Samurai Badge - Google Dorking/Hacking
OSINT Dojo Daimyo Badge - Basic stuff to check on Tracelabs missing people capture the flag

Quote of the day: Try Harder!