Playing with Javascript Methods | OWASP Hackademic | Challenge 002
We covered another web application penetration testing challenge where we inspected Javascript methods in the examined webpage…
CTF Writeups
Directory Browsing and Spidering Explained | OWASP Hackademic | Challenge 001
We covered Directory Browsing and Spidering by using and solving Challenge 001 in OWASP Hackademic free lab….
XPATH Injection Vulnerability Explained | OWASP WebGoat
We covered and explained XPATH Injection Vulnerability by using OWASP WebGoat free lab.. XPATH Injection Vulnerability |…
Session Fixation Attack Explained | OWASP WebGoat
We covered and explained Session Fixation Attack using OWASP WebGoat free lab. Session Fixation Attack A web-based…
Javascript validation Bypass Explained | OWASP WebGoat
We covered and explained Javascript validation Bypass using OWASP WebGoat free lab. Client-side Validation (CSV) Bypass |…
XML External Entity Injection Explained | EP1 | OWASP WebGoat
We demonstrated and explained practically XML External Entity Injection using OWASP WebGoat lab. An XML External Entity…
String SQL Injection Vulnerability Explained | EP3 | OWASP WebGoat
We covered the third part that discusses string SQL injection vulnerability using OWASP WebGoat lab. String SQL…
OSINT Case Studies P2 | Blockchain & Manhunt | HackTheBox Block Hunt3r & Missing in action
We covered the second part of open source intelligence case studies as part of HackTheBox OSINT track….
Open Source Intelligence Case Studies | HackTheBox Easy Phish, Infiltration & ID Exposed.
We covered multiple OSINT case studies and challenges from HackTheBox, namely Easy Phish, Infiltration & ID Exposed,…
Node js Command Injection Explained | HackTheBox JSCalc
We covered command injection and execution in Node JS. The scenario included an input box that passes…
Domain Redirection Bypass Explained | HackTheBox RenderQuest & ProxyAsAService
We covered practical examples of bypassing domain redirection restrictions. In the first example we used a Webhook…
Microsoft Office Word Document Malware Analysis | HackTheBox Diagnostic
We covered analyzing a sample Microsoft office word document using oletools to extract relevant Macros and links….
Server Side Template Injection (SSTI) Explained | HackTheBox Neonify
We covered Server Side Template Injection vulnerability and demonstrated a practical scenario using HackTheBox Neonify web challenge….
Command Injection Explained | OWASP TOP 10 | HackTheBox LoveTok
We briefly explained command injection as one of the top 10 web application vulnerabilities. Command injection allows…
Cleaning a Linux Infected Machine | HackTheBox PersistenceIsFutile
We covered an incident response scenario from HackTheBox named PersistenceIsFutile where we went over an infected Linux…
Local File Inclusion & Log Poisoning Explained | HackTheBox Toxic
We covered local file inclusion that is a web application vulenrability. We also covered the concept of…
Memory Forensics with Volatility | Searching For Encrypted Files | HackTheBox TrueSecrets
We covered conducting memory forensics using Volatility framework. The scenario involved a memory dump file that assumingly…
HackTheBox Cat Writeup | Android Forensics Mobile Forensics
In HackTheBox Cat Challenge, we covered the subject of Mobile forensics and briefly went over the scenario…
HeartBleed Vulnerability and Tmux Exploitation | HackTheBox Valentine
We used HackTheBox Valentine machine to demonstrate HeartBleed Vulnerability and privilege escalation through tmux terminal multiplexer. Valentine…
Analyzing Malicious Microsoft Office Word Document | HackTheBox Emo
We covered analyzing an office document that has an embedded Macro code written in Visual Basic. The…
