Ulisses AlvesinInfoSec Write-upsUsing tmux for automating interactive reverse shellsAutomating the process of converting a non-interactive reverse shell to a fully interactive TTY.3 min read·Jul 2, 2021--1--1
Ulisses AlvesWhite Box Penetration Testing: “Cheating” in order to boost impact and valueAlmost every professional pentester is always thrilled when a black box pentesting comes along, however it’s probably in white box that…7 min read·Feb 5, 2021----
Ulisses AlvesinInfoSec Write-upsThis is how you can deliver true value through your pentest reportsThere are only two things your client wants: how their business can be affected by impactful exploitation of a vulnerability and how they…7 min read·Jan 12, 2021--1--1
Ulisses AlvesLearning from your mistakes as an offensive security professionalA team methodology for extracting the best lessons out of your worst failures.4 min read·Dec 28, 2020----
Ulisses AlvesinInfoSec Write-upsHandling Short Expiring Time of Authorization TokensHow not to waste precious time when testing a web applications or API’s with Burp Suite9 min read·Dec 22, 2020----
Ulisses AlvesA matchbox machine that learnsToday I’m going to write about a very cool thing that I learned a few months ago: how to build (and code) a matchbox machine that can…6 min read·Mar 29, 2020----
Ulisses AlvesinInfoSec Write-upsMobile phone number verification bypassIn this post I’ll show how I bypassed the phone number verification process in a website. I’m also going to explain why this was possible…6 min read·Mar 29, 2020--1--1