Investigating Conti Ransomware on Microsoft Exchange with Splunk | TryHackMe
In this post, we investigated the Conti ransomware that hit Microsoft Exchange via a series of vulnerabilities….
CTF Writeups
SQL Injection in Search Fields | TryHackMe Cybercrafted Minecraft CTF
In this post, we covered SQL injection in search forms and performed Linux privilege escalation on the…
DevOps Enumeration and Vulnerabilities | TryHackMe Advent of Cyber 3 Day 14
In this post, we covered enumerating vulnerabilities in the DeVOps among which is the insecure file permissions….
Linux Challenges Part 2 | OverTheWire Bandit Level 10-Level 19
In this post, we covered various concepts in Linux such as encoding and decoding, file compression,SSH,etc. This…
Investigating WMI Backdoors in Windows With Loki Yara Scanner | TryHackMe Investigating Windows 2.0
In this post, we covered investigating a compromised Windows machine with WMI Backdoors. This was part…
Exploiting Server Side Request Forgery (SSRF) | HackTheBox Kotarak
In this post, we demonstrated how to exploit SSRF to discover internal hidden services. We performed privilege…
Linux Command Line Challenges | OverTheWire Bandit CTF
In this post, we covered some Linux command line skills for beginners through solving OverTheWire Bandit CTF…
The ShellShock Vulnerability Explained | HackTheBox Shocker
Shellshock vulnerability allows for remote code execution using shell callouts to bash below 4.3. payload can be…
Hunting Viruses with Virus Total and Yara Rules | TryHackMe Advent of Cyber 3 Day 20 and 21
Hunting viruses and malwares take more than static or dynamic analysis alone. Usually a combination of different…
Windows Active Directory PAC Vulnerability | HackTheBox Mantis
In Windows active directory environment, PAC stands for privilege attribute certificate which stores information about the user…
TryHackMe OWASP Top 10 Walkthrough 2021 – 2024 [Updated]
In this post, we covered OWASP Top 10 using the material in TryHackMe OWASP Top 10 Room….
Packet Analysis with Wireshark | TryHackMe Advent of Cyber 3 Day 9
We covered basic packet analysis with Wireshark. We used filters to go through packets. This was part…
Recovering Microsoft SQL Database Server | TryHackMe Advent Of Cyber 3 Day 11
McDatabaseAdmin came rushing into the room and cried to McSkidy, “We’ve been locked out of the reindeer…
Enumerating NFS (Network File System) | TryHackMe Advent of Cyber 3 Day 12
Grinch Enterprises has been leaving traces of how their hackers have been accessing data from the system…
Web Application Authentication Bypass | TryHackMe Road
We covered web application authentication bypass using the reset feature in addition to Linux privilege escalation using…
Investigating Malware and Spam with Wireshark
Blue Team | Investigating Malware and Spam with Wireshark TryHackMe Carnage We covered a analyzing an incident…
Networking Basics | TryHackMe
Basics of Networking For Beginners | TryHackMe Networking In this post, I provided all answers to nearly…
WordPress Penetration Testing and Nmap Interactive – TryHackMe OSCP: Mr Robot
We covered WordPress Penetration Testing and Linux privilege escalation using vulnerable version of Nmap. Below is Nmap…
Nmap Complete Practical Tutorial | TryHackMe Nmap
Introduction to Nmap and Portscanning This post reviews usage of Nmap and demonstrates various use cases using…
How to Review a Vulnerable SQL Injection Login Form in PHP
How to Review a Vulnerable SQL Injection Login Form in PHP Summary We reviewed a login form…
