Clik here to view.
HA: Pandavas Vulnhub Walkthrough
Today we’re going to solve another boot2root challenge called “Pandavas”. It’s available at Vulnhub for penetration testing practice. This lab is not difficult if we have the right basic knowledge to...
View ArticleClik here to view.
Remote Code Execution Using Impacket
In this post, we are going to discuss how we can connect to Victims machine remotely using Python libraries “Impacket” which you can download from here. Table of Content About Impacket atexec.py...
View ArticleClik here to view.
Abusing Kerberos Using Impacket
In this post, we are going to discuss how we can abuse Kerberos protocol remotely using Python libraries “Impacket” for conducting the lateral movement attack. You can download from here. Table of...
View ArticleClik here to view.
Glasgow Smile: 1.1 Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called “Glasgow Smile”. It’s available at Vulnhub for penetration testing. This lab is an intermediate level. The credit for making this lab goes...
View ArticleClik here to view.
GitRoot: 1 Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called “GitRoot: 1”. It’s available at Vulnhub for penetration testing. This lab is an intermediate level and is based on Git. The credit for...
View ArticleClik here to view.
Comprehensive Guide to Local File Inclusion (LFI)
In this deep down online world, dynamic web-applications are the ones that can easily be breached by an attacker due to their loosely written server-side codes and misconfigured system files. Today, we...
View ArticleClik here to view.
Tre:1 Vulnhub Walkthrough
Today, I am going to share a writeup for the boot2root challenge of the vulnhub machine “Tre:1”. It is made by SunCSR team difficulty level of this machine is the intermediate level. And for this...
View ArticleClik here to view.
Multiple Ways to Banner Grabbing
Grabbing a banner is the first and apparently the most important phase in both the offensive and defensive penetration testing environments. In this article, we’ll take a tour to “Banner Grabbing” and...
View ArticleClik here to view.
Forensic Investiagtion: Extract Volatile Data (Manually)
In this article, we will run a couple of CLI commands that help a forensic investigator to gather volatile data from the system as much as possible. The commands which we use in this post are not the...
View ArticleClik here to view.
Forensic Investigation: Examining Corrupted File Extension
In this article, we will learn how we can Examine Corrupted File Extension to identify the basic file header in a Forensic Investigation. Let’s understand this with the following Scenario In this...
View ArticleClik here to view.
Comprehensive Guide to OS Command Injection
Isn’t it great if you get the privilege to run any system commands directly on the target’s server through its hosted web-application? Or you can get the reverse shell with some simple clicks? In this...
View ArticleClik here to view.
eLection: 1 Vulnhub Walkthorugh
Today we are going to solve another boot2root challenge called “eLection: 1”. It’s available at Vulnhub for penetration testing. This is a mid-level lab based on the CMS “eLection”. There are several...
View ArticleClik here to view.
Sunset: decoy Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called “Sunset: decoy”. It’s available at Vulnhub for penetration testing. This is easy for the intermediate level lab. The credit for making...
View ArticleClik here to view.
CyberSploit: 1 Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called “CyberSploit: 1”. It’s available at Vulnhub for penetration testing. This is an easy level lab. The credit for making this lab goes to...
View ArticleClik here to view.
WordPress Pentest Lab Setup in Multiple Ways
In this post, we will demonstrate how to set-up our own Vulnerable WordPress CMS for penetration testing on Ubuntu 20.04, Docker and Windows using XAMPP server. Table of Content WordPress Setup on...
View ArticleClik here to view.
Comprehensive Guide on Broken Authentication & Session Management
Does just keeping secure and a strong password can really protect you? Today in this article we’ll learn, how an attacker analyzes and take over the user’s account that have been logged in inside some...
View ArticleClik here to view.
WPScan:WordPress Pentesting Framework
Every other web-application on the internet is somewhere or other running over a Content Management System, either they use WordPress, Squarespace, Joomla, or any other in their development phase. So...
View ArticleClik here to view.
Forensic Investigation: Ghiro for Image Analysis
In this article, we will learn how we can use the Ghiro image analysis tool in forensic investigation. Ghiro is a digital image forensic tool. Which is fully automated and opensource. Table of Content...
View ArticleClik here to view.
Comprehensive Guide on Path Traversal
In our previous post, we’ve explained the Local File Inclusion attack in detail, which you can read from here. I recommend, then, to revisit our previous article for better understanding, before going...
View ArticleClik here to view.
BlackRose: 1 Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called “BlackRose: 1”. It’s available at VulnHub for penetration testing, you can download this from here. The credit goes to BadLamer for...
View Article