Division Zero (Div0). Copyright © 2011-2018

All rights reserved.

5 Sep 2017

On 11 August 2017, I participated in an online lucky draw. Instead of winning some prizes, I stumbled upon two vulnerabilities. It turned out that their CAPTCHA was as poorly implemented; similar to what was reported on the M1 Wireless@SG site and t...

11 Aug 2017

NTU OFFSEC organises weekly workshops. 

Schedule for Academic Year (AY) 2017/2018 Semester 1:

  • 18th Aug – Physical Hack/Linux

  • 21st Aug – Google Hacks/How to be a Professional Stalker

  • 28th Aug – Exploiting C Assignments

  • 4th Sep – Netw...

14 Aug 2016


According to the CVE, Spring Framework has security restrictions as one serialise an object, but does not have any security restrictions as it deserialise objects from untrusted sources. Therefore, remote attackers only need to bypass some...

Please reload


September 5, 2017

Please reload

Please reload

RSS Feed