Session ID Hijacking With Burp Suite | OverTheWire Natas Level 20
We covered OverTheWire Natas 19-20 level. In this level, the web application used an if statement to verify if…
CTF Writeup
Session ID Hijacking With Python | OverTheWire Natas 19-20
We covered OverTheWire Natas 19-20 level. This level was similar to the previous level but with the session ID…
Using Burp Suite for Session Hijacking | OverTheWire Natas Level 18 – 19
We used Burp Suite to demonstrate an experiment on enumerating sessions IDs created using PHP language. The source code…
Memory Forensics with Volatility | Uncovering Malware Hidden in Emails | HackTheBox Reminiscent
We covered an incident response scenario that involved a using memory forensics to investigate the presence of a malware…
Time Based SQL Injection | OverTheWire Natas Level 17
We covered time based SQL injection using the sleep function. Time time based SQL injection relies in the response…
Printer Exploitation | Part one | HackTheBox Gawk
We covered the concept of printer exploitation using printer exploitation framework. The scenario involved a printer running on a…
Format String Vulnerability Explained | HackTheBox Leet Test
We covered a binary vulnerable to format string vulnerability in which the vulnerable code contains an implementation of printf…
Bypassing SQL Filters Using Command Substitution | OverTheWire Natas Level 16
We covered OverTheWire Natas Level 16 CTF where we went over a blind SQL injection scenario that uses command…
Buffer Overflow Explained | P23 | Stack Pivot and Ret2libc | HackTheBox Pwnshop
We covered another case of a binary vulnerable to buffer overflow but has some protections enabled such as NX…
Blind SQL Injection With Python | OverTheWire Natas Level 15
We covered a scenario of blind SQL Injection where the web application accepts user input without sanitization or filtering….