Local File Inclusion Vulnerability | Billu-B0x Vulnhub Lab
In this post, we covered local file inclusion vulnerability using Billu-B0x machine from Vulnhub. Local file inclusion…
CTF Writeups
Command Injection Vulnerability | Mutillidae OWASP Lab
In this post, we covered command injection vulnerability and performed a practical demonstration using Mutillidae OWASP Lab….
Cross site request forgery CSRF Vulnerability – DVWA Lab
In this post, We demonstrated a scenario of exploiting CSRF vulnerability using DVWA vulnerable web application. Cross…
Reflected and Stores XSS – OWASP Mutillidae
In this write-up, we presented and covered cross site scripting vulnerability bothreflected and stored using Mutillidae. Reflected…
Insecure Direct Object Reference Vulnerability – Mutillidae OWASP Lab
In this post, we covered insecure direct object reference vulnerability which is one of the top 10…
Demonstrating Linux Systemctl Services Exploitation – Cyberseclabs Simple
In this post, we went over a Linux box from Cyberseclabs where to demonstrated the ability to…
Encoding and Decoding with Python | PicoCTF Transformation + net-cat
In this post, we covered encoding and decoding using python and Cyberchef. We solved two challenges from…
Investigating Conti Ransomware on Microsoft Exchange with Splunk | TryHackMe
In this post, we investigated the Conti ransomware that hit Microsoft Exchange via a series of vulnerabilities….
SQL Injection in Search Fields | TryHackMe Cybercrafted Minecraft CTF
In this post, we covered SQL injection in search forms and performed Linux privilege escalation on the…
DevOps Enumeration and Vulnerabilities | TryHackMe Advent of Cyber 3 Day 14
In this post, we covered enumerating vulnerabilities in the DeVOps among which is the insecure file permissions….
Linux Challenges Part 2 | OverTheWire Bandit Level 10-Level 19
In this post, we covered various concepts in Linux such as encoding and decoding, file compression,SSH,etc. This…
Investigating WMI Backdoors in Windows With Loki Yara Scanner | TryHackMe Investigating Windows 2.0
In this post, we covered investigating a compromised Windows machine with WMI Backdoors. This was part…
Exploiting Server Side Request Forgery (SSRF) | HackTheBox Kotarak
In this post, we demonstrated how to exploit SSRF to discover internal hidden services. We performed privilege…
Linux Command Line Challenges | OverTheWire Bandit CTF
In this post, we covered some Linux command line skills for beginners through solving OverTheWire Bandit CTF…
The ShellShock Vulnerability Explained | HackTheBox Shocker
Shellshock vulnerability allows for remote code execution using shell callouts to bash below 4.3. payload can be…
Hunting Viruses with Virus Total and Yara Rules | TryHackMe Advent of Cyber 3 Day 20 and 21
Hunting viruses and malwares take more than static or dynamic analysis alone. Usually a combination of different…
Windows Active Directory PAC Vulnerability | HackTheBox Mantis
In Windows active directory environment, PAC stands for privilege attribute certificate which stores information about the user…
TryHackMe OWASP Top 10 Walkthrough 2021 – 2024 [Updated]
In this post, we covered OWASP Top 10 using the material in TryHackMe OWASP Top 10 Room….
Packet Analysis with Wireshark | TryHackMe Advent of Cyber 3 Day 9
We covered basic packet analysis with Wireshark. We used filters to go through packets. This was part…
Recovering Microsoft SQL Database Server | TryHackMe Advent Of Cyber 3 Day 11
McDatabaseAdmin came rushing into the room and cried to McSkidy, “We’ve been locked out of the reindeer…