This version of LSCP Responsible Disclosure Lab is being kept for the historical purposes. The latest version: https://lscp.llc/index.php/blog/

Hi all! InvoicePlane is a self-hosted open source application for managing your quotes, invoices, clients and payments. Looks pretty good, especially […]

This is a short outcome-focused review of the certification vendors Sam Lyhin had a chance to work with. Offensive Security  As […]

Several vulnerabilities were recently discovered by Lyhin’s Lab in Arunna, which the main purpose, as they say, is “connecting the clouds”. […]

When a demanding customer asks a penetration tester to provide the exact commands on how to remediate the issue, what should […]

Legend has it that Ernest Hemingway won a bet by capturing a single screenshot that will make you cry. Latest commit: 8a995dd29dfe1293c62a0237cddca2e4fd8b7f61 Severity: 8.6 (High) […]

This short article defines the TODAY model, which is a 5-step guide of how to create pen-test reports in an efficient […]

A bit outdated, nevertheless is beautiful in terms of ethical hacking – photoshow is an open source web application with 490 […]

In case of multiple Stored XSS with the strict size limitation – consider the following exploitation technique; it would work, even […]

There is a stored XSS vulnerability in the ‘ntopng web application’ community edition version 4.1.200612. This vulnerability allows a malicious individual […]