Pentesting a Data Science Windows Machine | TryHackMe Weasel
Summary In this post, we covered a CTF challenge involving getting access and compromising a windows machine…
OWASP
TryHackMe Valley | Web Application Enumeration using FFUF
Summary In this post, we covered web application enumeration using FFUF and Gobuster as tools for this…
Demonstrating SQL Injection Vulnerability – OWASP WebGoat Lab
In this post, we demonstrated SQL injection vulnerability using OWASP WebGoat Lab. SQL injection is a vulnerability…
Local File Inclusion Vulnerability | Billu-B0x Vulnhub Lab
In this post, we covered local file inclusion vulnerability using Billu-B0x machine from Vulnhub. Local file inclusion…
Command Injection Vulnerability | Mutillidae OWASP Lab
In this post, we covered command injection vulnerability and performed a practical demonstration using Mutillidae OWASP Lab….
Cross site request forgery CSRF Vulnerability – DVWA Lab
In this post, We demonstrated a scenario of exploiting CSRF vulnerability using DVWA vulnerable web application. Cross…
Reflected and Stores XSS – OWASP Mutillidae
In this write-up, we presented and covered cross site scripting vulnerability bothreflected and stored using Mutillidae. Reflected…
Insecure Direct Object Reference Vulnerability – Mutillidae OWASP Lab
In this post, we covered insecure direct object reference vulnerability which is one of the top 10…
Local File Inclusion Vulnerability – Mutillidae OWASP Lab
In this post, We used the vulnerable web application Mutillidae to demonstrate local file inclusion vulnerability. In…
Unrestricted File Upload Vulnerability – Mutillidae OWASP Lab
In this post, we demonstrated file upload vulnerability and how to exploit it using a vulnerable app…
SQL Injection in Search Fields | TryHackMe Cybercrafted Minecraft CTF
In this post, we covered SQL injection in search forms and performed Linux privilege escalation on the…
Exploiting Server Side Request Forgery (SSRF) | HackTheBox Kotarak
In this post, we demonstrated how to exploit SSRF to discover internal hidden services. We performed privilege…
TryHackMe OWASP Top 10 Walkthrough 2021 – 2024 [Updated]
In this post, we covered OWASP Top 10 using the material in TryHackMe OWASP Top 10 Room….
Web Application Authentication Bypass | TryHackMe Road
We covered web application authentication bypass using the reset feature in addition to Linux privilege escalation using…
How to Review a Vulnerable SQL Injection Login Form in PHP
How to Review a Vulnerable SQL Injection Login Form in PHP Summary We reviewed a login form…
Broken Authentication OWASP Top 10 | TryHackMe Overpass
Introduction We demonstrated broken authentication vulnerability by changing cookie values. This was part of TryHackMe Overpass. Broken…
Insecure Direct Object Reference Vulnerability Explained (IDOR) | TryHackMe IDOR
Introduction We covered Insecure Direct Object Reference Vulnerability and how to exploit it. You’re going to learn…
Web Application Vulnerability Scanning with OWASP ZAP | TryHackMe
Premise In this video walk-through, we covered OWASP ZAP web application vulnerability scanner to perform vulnerability scanning…
Re-Visiting File Upload Vulnerabilities – TryHackMe Advent of Cyber
Premise In this video walkthrough, we covered file upload vulnerabilities and some techniques to get around them….
Understanding Cookies Security | TryHackMe Advent of Cyber
Premise In this video walkthrough, we covered how website cookies work, the security threats, and security best…