https://machevalia.blog/blog daily 0.75 2025-11-08 https://machevalia.blog/blog/cve-2025-56385-wellsky-harmony-sql-injection monthly 0.5 2025-11-08 https://machevalia.blog/blog/multiple-vulnerabilities-in-centralsquare-etrakit-and-ivr monthly 0.5 2025-11-08 https://machevalia.blog/blog/cve-2023-46013-eramba-community-edition-v3211-insecure-direct-object-reference-idor monthly 0.5 2025-11-08 https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/215a7ed8-9572-4b53-98c8-e7bfb0d3e609/e5492c7e-0f51-4b47-95c4-c296fa2bc528.png Blog - CVE-2023-46013 Eramba Community Edition v3.21.1 - Insecure Direct Object Reference (IDOR) - Make it stand out Right click elipses of attachment to copy link address. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/7018c72b-c2f7-4b80-8f84-378d8b2b7f55/a9cb54e4-dc37-4191-8029-423741eb527c.png Blog - CVE-2023-46013 Eramba Community Edition v3.21.1 - Insecure Direct Object Reference (IDOR) - Make it stand out Attachment with direct object number in URL. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/6ef27df3-f672-493e-b75e-6f263a7fbdbf/1ddfbeca-02cc-4e03-a55e-4d85a206eb35.png Blog - CVE-2023-46013 Eramba Community Edition v3.21.1 - Insecure Direct Object Reference (IDOR) - Make it stand out Add attachment. https://machevalia.blog/blog/when-uploads-break-xss-defenses monthly 0.5 2025-11-08 https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/fc71e455-3e1d-42dc-97fc-0091ff12405c/svg_xss_example.png Blog - When File Uploads Break XSS Defenses - Make it stand out XSS via inlined SVG https://machevalia.blog/blog/the-dark-side-of-xss-weaponizing-xss-to-manipulate-and-deceive-for-social-engineering-purposes monthly 0.5 2023-03-29 https://machevalia.blog/blog/the-freedom-in-being-different-how-courage-can-change-your-life monthly 0.5 2023-03-19 https://machevalia.blog/blog/letsdefend-soc164-suspicious-mshta-behavior-walkthrough monthly 0.5 2023-02-05 https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/923402ad-116a-4bc7-8503-d7a4a4d79972/lolbas-mshta-execute.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/4af84eb2-9535-4a07-bbe0-a3d9343063b9/ChatGPT.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/a81e132e-8cdb-4a80-ac40-fd20a4a5be98/clean_break_PS.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/93d978b1-566d-438a-8eea-6dcb56398b2b/alert-details.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/53accc09-e5c2-4a08-8a2f-97807fcdcedc/process-history.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/fc0b2b0b-d6a9-4654-b09d-4946633e5dc3/ChatGPT2.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/2a8ffb6d-8e8f-41b0-a982-53f17db5b9cb/parent-process-breakdown.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/844c7792-de19-49cb-a111-74e60f0265ad/cmdhistory.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/c4c97e03-7b10-4889-aba6-a7c1ea7c61e3/log-search.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/5c901370-40dd-420e-8595-6292d669ea8c/endpoint-security.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/75746b8e-fbfd-4b12-aeb9-c41507567999/virustotal.png Blog - LetsDefend SOC164 - Suspicious Mshta Behavior Walkthrough - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://machevalia.blog/blog/oscp-review monthly 0.5 2023-02-01 https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/72b390a2-b260-44e6-b57b-33286e875835/oscp.png Blog - OSCP Review - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://machevalia.blog/blog/2022-bug-bounty-year-in-review monthly 0.5 2022-12-29 https://machevalia.blog/blog/oswa-web-200-experience monthly 0.5 2022-12-29 https://machevalia.blog/blog/red-team-tactics-loiding-a-door monthly 0.5 2022-12-29 https://machevalia.blog/blog/cve-2022-34002-personnel-data-systems-pds-vista-7-local-file-inclusion monthly 0.5 2022-12-20 https://machevalia.blog/blog/cve-2022-26959-northstar-club-management-software-version-6-3-full-blind-time-based-sql-injection monthly 0.5 2022-12-20 https://machevalia.blog/blog/ivanti-epm-remote-code-execution monthly 0.5 2022-06-05 https://machevalia.blog/blog/broken-access-control-idor monthly 0.5 2022-12-20 https://machevalia.blog/blog/sqli-and-rce-in-quicklert-for-digium monthly 0.5 2022-02-22 https://machevalia.blog/blog/access-control-violation-sensitive-data-exposure monthly 0.5 2022-02-19 https://machevalia.blog/blog/remote-code-execution-in-tgz-file-upload monthly 0.5 2022-01-30 https://machevalia.blog/blog/stored-cross-site-scripting-in-mediawiki monthly 0.5 2022-01-28 https://machevalia.blog/blog/access-control-violation-wiki-page-creation monthly 0.5 2022-01-26 https://machevalia.blog/blog/year-in-progress-2022 monthly 0.5 2022-12-20 https://machevalia.blog/blog/category/Write+Ups monthly 0.5 https://machevalia.blog/blog/category/Tutorial monthly 0.5 https://machevalia.blog/blog/category/Experience monthly 0.5 https://machevalia.blog/blog/category/Reviews monthly 0.5 https://machevalia.blog/blog/category/Professional monthly 0.5 https://machevalia.blog/blog/category/Opinion monthly 0.5 https://machevalia.blog/blog/category/Vulnerability+Disclosure monthly 0.5 https://machevalia.blog/blog/category/General monthly 0.5 https://machevalia.blog/blog/category/Uncategorized monthly 0.5 https://machevalia.blog/blog/category/Mental+Health monthly 0.5 https://machevalia.blog/blog/category/Bug+Bounty monthly 0.5 https://machevalia.blog/blog/category/Self+Development monthly 0.5 https://machevalia.blog/blog/tag/CVE-2021-43970 monthly 0.5 https://machevalia.blog/blog/tag/Write-up monthly 0.5 https://machevalia.blog/blog/tag/WEB-200 monthly 0.5 https://machevalia.blog/blog/tag/Year-in-Review monthly 0.5 https://machevalia.blog/blog/tag/OSWA monthly 0.5 https://machevalia.blog/blog/tag/Hacking monthly 0.5 https://machevalia.blog/blog/tag/Public+Disclosure monthly 0.5 https://machevalia.blog/blog/tag/CVE-2021-43969 monthly 0.5 https://machevalia.blog/blog/tag/Vulnerability+Disclosure monthly 0.5 https://machevalia.blog/blog/tag/OffensiveSecurity monthly 0.5 https://machevalia.blog/blog/tag/OffSec monthly 0.5 https://machevalia.blog/blog/tag/Red+Teaming monthly 0.5 https://machevalia.blog/blog/tag/Bug+Bounty monthly 0.5 https://machevalia.blog/home daily 1.0 2025-10-03 https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/91a7e6b1-c645-486c-8ea6-103dc415385d/20220401_095138.jpg https://machevalia.blog/about daily 0.75 2025-11-08 https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/91a7e6b1-c645-486c-8ea6-103dc415385d/20220401_095138.jpg https://machevalia.blog/videos daily 0.75 2023-03-19 https://machevalia.blog/videos-1 daily 0.75 2022-12-17 https://machevalia.blog/courses daily 0.75 2022-12-28 https://images.squarespace-cdn.com/content/v1/639bcf9ae1aabb6394c4c281/1672259066232-GJI0H3B3HY6P5A87CGER/unsplash-image-NoOrDKxUfzo.jpg https://machevalia.blog/contact daily 0.75 2023-02-05 https://machevalia.blog/references daily 0.75 2022-12-20 https://machevalia.blog/store daily 0.75 2023-02-03