Cross site request forgery CSRF Vulnerability – DVWA Lab
In this post, We demonstrated a scenario of exploiting CSRF vulnerability using DVWA vulnerable web application. Cross…
CyberSecurity Articles
Reflected and Stores XSS – OWASP Mutillidae
In this write-up, we presented and covered cross site scripting vulnerability bothreflected and stored using Mutillidae. Reflected…
Insecure Direct Object Reference Vulnerability – Mutillidae OWASP Lab
In this post, we covered insecure direct object reference vulnerability which is one of the top 10…
Local File Inclusion Vulnerability – Mutillidae OWASP Lab
In this post, We used the vulnerable web application Mutillidae to demonstrate local file inclusion vulnerability. In…
Unrestricted File Upload Vulnerability – Mutillidae OWASP Lab
In this post, we demonstrated file upload vulnerability and how to exploit it using a vulnerable app…
How to stay anonymous during Nmap scanning with Tor network.
Introduction We showed how to use do Nmap scanning with Proxychains and Tor in order to achieve…
Demonstrating Linux Systemctl Services Exploitation – Cyberseclabs Simple
In this post, we went over a Linux box from Cyberseclabs where to demonstrated the ability to…
Security Onion Training
This post is a tutorial on using Security Onion OS tools such as Sguil and Wireshark for…
Encoding and Decoding with Python | PicoCTF Transformation + net-cat
In this post, we covered encoding and decoding using python and Cyberchef. We solved two challenges from…
Reverse Shell Over ICMP | HackTheBox Minion
In this post, we go over the concept of retrieving shell via ICMP protocol instead of TCP….
Investigating Conti Ransomware on Microsoft Exchange with Splunk | TryHackMe
In this post, we investigated the Conti ransomware that hit Microsoft Exchange via a series of vulnerabilities….
SQL Injection in Search Fields | TryHackMe Cybercrafted Minecraft CTF
In this post, we covered SQL injection in search forms and performed Linux privilege escalation on the…
DevOps Enumeration and Vulnerabilities | TryHackMe Advent of Cyber 3 Day 14
In this post, we covered enumerating vulnerabilities in the DeVOps among which is the insecure file permissions….
Linux Challenges Part 2 | OverTheWire Bandit Level 10-Level 19
In this post, we covered various concepts in Linux such as encoding and decoding, file compression,SSH,etc. This…
Investigating WMI Backdoors in Windows With Loki Yara Scanner | TryHackMe Investigating Windows 2.0
In this post, we covered investigating a compromised Windows machine with WMI Backdoors. This was part…
Amazon AWS Bucket and Container Images Security | TryHackMe Advent of Cyber 3
In this post, we covered AWS cloud security enumeration such as bucket and container images enumeration. We…
Exploiting Server Side Request Forgery (SSRF) | HackTheBox Kotarak
In this post, we demonstrated how to exploit SSRF to discover internal hidden services. We performed privilege…
Linux Command Line Challenges | OverTheWire Bandit CTF
In this post, we covered some Linux command line skills for beginners through solving OverTheWire Bandit CTF…
The ShellShock Vulnerability Explained | HackTheBox Shocker
Shellshock vulnerability allows for remote code execution using shell callouts to bash below 4.3. payload can be…
Hunting Viruses with Virus Total and Yara Rules | TryHackMe Advent of Cyber 3 Day 20 and 21
Hunting viruses and malwares take more than static or dynamic analysis alone. Usually a combination of different…
