Winslow

icon indicating a website link https://winslow1984.com

icon location Red Teamer

Results 4 issues of Winslow

Sql Injection Security Issues

2 comment

Hey, I find few parameters are vulnerable to SQL injection vulnerability. A list of affected files: UserDAO.java Stocks.java SupplierDAO.java ProductDAO.java CustomerDAO.java ConnectionFactory.java

In-process .NET assembly execution does not always return output

19 comment

**Describe the bug** If the execution happens in the process, there is no output. **To Reproduce** Steps to reproduce the behavior: 1. Generate a session stager implant, and execute it....

investigating

Impersonate command does not work as described

6 comment

**Describe the bug** The description of Impersonate command says **Sliver commands that run new processes (like shell or execute-command) will impersonate this user.**. However, it does not work as expected....

bug
documentation

improve execute-assembly cli parsing ux

7 comment

**Describe the bug** If the parameter of the program to be executed contains any space, command execute-assembly will parse it as a new parameter. **To Reproduce** Steps to reproduce the...

enhancement
UX