Security Onion Training
This post is a tutorial on using Security Onion OS tools such as Sguil and Wireshark for…
CyberSecurity Articles
Encoding and Decoding with Python | PicoCTF Transformation + net-cat
In this post, we covered encoding and decoding using python and Cyberchef. We solved two challenges from…
Reverse Shell Over ICMP | HackTheBox Minion
In this post, we go over the concept of retrieving shell via ICMP protocol instead of TCP….
Investigating Conti Ransomware on Microsoft Exchange with Splunk | TryHackMe
In this post, we investigated the Conti ransomware that hit Microsoft Exchange via a series of vulnerabilities….
SQL Injection in Search Fields | TryHackMe Cybercrafted Minecraft CTF
In this post, we covered SQL injection in search forms and performed Linux privilege escalation on the…
DevOps Enumeration and Vulnerabilities | TryHackMe Advent of Cyber 3 Day 14
In this post, we covered enumerating vulnerabilities in the DeVOps among which is the insecure file permissions….
Linux Challenges Part 2 | OverTheWire Bandit Level 10-Level 19
In this post, we covered various concepts in Linux such as encoding and decoding, file compression,SSH,etc. This…
Investigating WMI Backdoors in Windows With Loki Yara Scanner | TryHackMe Investigating Windows 2.0
In this post, we covered investigating a compromised Windows machine with WMI Backdoors. This was part…
Amazon AWS Bucket and Container Images Security | TryHackMe Advent of Cyber 3
In this post, we covered AWS cloud security enumeration such as bucket and container images enumeration. We…
Exploiting Server Side Request Forgery (SSRF) | HackTheBox Kotarak
In this post, we demonstrated how to exploit SSRF to discover internal hidden services. We performed privilege…
Linux Command Line Challenges | OverTheWire Bandit CTF
In this post, we covered some Linux command line skills for beginners through solving OverTheWire Bandit CTF…
The ShellShock Vulnerability Explained | HackTheBox Shocker
Shellshock vulnerability allows for remote code execution using shell callouts to bash below 4.3. payload can be…
Hunting Viruses with Virus Total and Yara Rules | TryHackMe Advent of Cyber 3 Day 20 and 21
Hunting viruses and malwares take more than static or dynamic analysis alone. Usually a combination of different…
Open Source Intelligence using Google and Github | TryHackMe Advent of Cyber 3
OSINT stands for open source intelligence and it’s the collection and gathering of information using publicly available…
Windows Active Directory PAC Vulnerability | HackTheBox Mantis
In Windows active directory environment, PAC stands for privilege attribute certificate which stores information about the user…
TryHackMe OWASP Top 10 Walkthrough 2021 – 2024 [Updated]
In this post, we covered OWASP Top 10 using the material in TryHackMe OWASP Top 10 Room….
The Log4j Vulnerability Explained
This video is a detailed tutorial on the Log4J vulnerability (CVE-2021-44228), explaining its critical impact, how it…
Packet Analysis with Wireshark | TryHackMe Advent of Cyber 3 Day 9
We covered basic packet analysis with Wireshark. We used filters to go through packets. This was part…
Recovering Microsoft SQL Database Server | TryHackMe Advent Of Cyber 3 Day 11
McDatabaseAdmin came rushing into the room and cried to McSkidy, “We’ve been locked out of the reindeer…
Enumerating NFS (Network File System) | TryHackMe Advent of Cyber 3 Day 12
Grinch Enterprises has been leaving traces of how their hackers have been accessing data from the system…