SQL Injection in Search Fields | TryHackMe Cybercrafted Minecraft CTF
In this post, we covered SQL injection in search forms and performed Linux privilege escalation on the…
CyberSecurity Articles
DevOps Enumeration and Vulnerabilities | TryHackMe Advent of Cyber 3 Day 14
In this post, we covered enumerating vulnerabilities in the DeVOps among which is the insecure file permissions….
Linux Challenges Part 2 | OverTheWire Bandit Level 10-Level 19
In this post, we covered various concepts in Linux such as encoding and decoding, file compression,SSH,etc. This…
Investigating WMI Backdoors in Windows With Loki Yara Scanner | TryHackMe Investigating Windows 2.0
In this post, we covered investigating a compromised Windows machine with WMI Backdoors. This was part…
Amazon AWS Bucket and Container Images Security | TryHackMe Advent of Cyber 3
In this post, we covered AWS cloud security enumeration such as bucket and container images enumeration. We…
Exploiting Server Side Request Forgery (SSRF) | HackTheBox Kotarak
In this post, we demonstrated how to exploit SSRF to discover internal hidden services. We performed privilege…
Linux Command Line Challenges | OverTheWire Bandit CTF
In this post, we covered some Linux command line skills for beginners through solving OverTheWire Bandit CTF…
The ShellShock Vulnerability Explained | HackTheBox Shocker
Shellshock vulnerability allows for remote code execution using shell callouts to bash below 4.3. payload can be…
Hunting Viruses with Virus Total and Yara Rules | TryHackMe Advent of Cyber 3 Day 20 and 21
Hunting viruses and malwares take more than static or dynamic analysis alone. Usually a combination of different…
Open Source Intelligence using Google and Github | TryHackMe Advent of Cyber 3
OSINT stands for open source intelligence and it’s the collection and gathering of information using publicly available…
Windows Active Directory PAC Vulnerability | HackTheBox Mantis
In Windows active directory environment, PAC stands for privilege attribute certificate which stores information about the user…
TryHackMe OWASP Top 10 Walkthrough 2021 – 2024 [Updated]
In this post, we covered OWASP Top 10 using the material in TryHackMe OWASP Top 10 Room….
The Log4j Vulnerability Explained
This video is a detailed tutorial on the Log4J vulnerability (CVE-2021-44228), explaining its critical impact, how it…
Packet Analysis with Wireshark | TryHackMe Advent of Cyber 3 Day 9
We covered basic packet analysis with Wireshark. We used filters to go through packets. This was part…
Recovering Microsoft SQL Database Server | TryHackMe Advent Of Cyber 3 Day 11
McDatabaseAdmin came rushing into the room and cried to McSkidy, “We’ve been locked out of the reindeer…
Enumerating NFS (Network File System) | TryHackMe Advent of Cyber 3 Day 12
Grinch Enterprises has been leaving traces of how their hackers have been accessing data from the system…
Web Application Authentication Bypass | TryHackMe Road
We covered web application authentication bypass using the reset feature in addition to Linux privilege escalation using…
Investigating Malware and Spam with Wireshark
Blue Team | Investigating Malware and Spam with Wireshark TryHackMe Carnage We covered a analyzing an incident…
Networking Basics | TryHackMe
Basics of Networking For Beginners | TryHackMe Networking In this post, I provided all answers to nearly…
WordPress Penetration Testing and Nmap Interactive – TryHackMe OSCP: Mr Robot
We covered WordPress Penetration Testing and Linux privilege escalation using vulnerable version of Nmap. Below is Nmap…