Prime: 1 – Walkthrough for OSCP Series
Prime: 1 is a challenging boot2root machine created by Suraj Pandey. It is designed for those who are preparing for the OSCP exam and is a great way to practice your penetration testing skills. In
"If Nobody sees it, it didn't Happen"
Prime: 1 is a challenging boot2root machine created by Suraj Pandey. It is designed for those who are preparing for the OSCP exam and is a great way to practice your penetration testing skills. In
Vengeance is one of the digital world.local series which makes vulnerable boxes closer to OSCP labs. This box has a lot of services and there could be multiple ways to exploit this, Below is what
Continue readingdigital world.local: Vengeance Walkthrough – OSCP Way
Recently, My focus turned more towards OSCP and I am thinking of taking the exam. After reading tons of people’s experience over Reddit, I took some notes on what would be my way of studying
Pwned vulnhub challenge is an easy boot2root machine. One of the key take away from this machine is how you can escalate your privileges using Dockers. This blog post is about how I exploited this
This article is a walkthrough for Pylington Virtual machine. The machine is based on getting root flag, I did it via bypassing python sandbox environment and privilege escalation by SUID bit. I have worked with
LevelupCTF is a seven flag CTF. It contains vulnerabilities from information disclosures to Remote Code execution. Each flag provides hints towards the next flag. The CTF consists of wide range of challenges which provides great
Kali is the one of the best operating system for Pentesting and hacking. After BackTrack, this is the only operating system I have used, since I think 2015.It has a lots of tools and features
Continue readingWays to search files in Kali – which, locate and find
Symfonos 5 CTF is based on the web application exploit and ldap information gathering to get to the root. This is an easy CTF, but good learning cracking this CTF. The Stuff I have learned
Hackthebox Grammar is based on the MAC [Message Authentication Code] and how PHP handles the MAC strings also called as typejuggling. PHP tries to evaluate the MAC based on the starting strings, if it is
Hackthebox: I know Mag1k is based on Oracle padding attack. Padding Oracle is based on decryption of the cipher text based on existing cipher information. Padding Oracle allows you to decrypt the encrypted code.Moreover, we