J3bitokjebitok.hashnode.dev·Nov 6, 2024Introduction to Offensive Security (TryHackMe)In this article, I will write a Web Application Security write-up covering Web Application Security Risks and Practical Examples of Web Application Security. What do you need to access a web application? Browser You discovered that the login page a...Discussoffensive-security
J3bitokjebitok.hashnode.dev·Nov 3, 2024Offensive Security Tooling: Shells Overview (TryHackMe)In this article, I will write a write-up for Shell Overview that covers Shell Overview, Reverse Shell, Bind Shell, Shell Listeners, Shell Payloads, Web Shell, and a Practical Task. What is the command-line interface that allows users to interact wit...Discussoffensive-security
J3bitokjebitok.hashnode.dev·Nov 3, 2024Offensive Security Tooling: Gobuster: The Basics (TryHackMe)In this article, I will write a Gobuster: The Basics that covers Environment and Setup, Gobuster: Introduction, Use Case: Directory and File Enumeration, Use Case: Subdomain Enumeration, and Use Case: Vhost Enumeration. What flag to we use to specif...Discussgobuster
J3bitokjebitok.hashnode.dev·Nov 2, 2024Offensive Security Tooling: Hydra (TryHackMe)In this article, I will write a write-up for Logs Fundamentals that covers Introduction to Logs, Types of Logs, Windows Event Logs Analysis, and Web Server Access Logs Analysis. Start the AttackBox by pressing the Start AttackBox button at the top of...Discussoffensive-security
1l.rocks1l.rocks·Oct 18, 2024Getting started or finishing the OSCP (PEN-200) courseIntroduction First of all, I’d like to share that I have submitted my exam and the report. From now on, it's just waiting for the results and praying that the results are good. The paranoia is getting there. NOTE: I did receive the certificate :) The...Discusspen200
Yunis Mohamedalbaharyhacks.hashnode.dev·Oct 7, 2024My Journey Into CybersecurityHi, I’m Yunis Mohamed, an aspiring offensive security professional passionate about safeguarding the digital world. My journey into cybersecurity is fueled by curiosity, a commitment to protection, and a belief in our collective role in creating a sa...Discuss·10 likescybersecurity
Akbar Khanakbarkhan.hashnode.dev·Sep 7, 2024Weaponizing PowerShell: Unleashing the Red Team's Tactical Edge - Part 1PowerShell (PSH) PowerShell is an object-oriented programming language executed from the Dynamic Language Runtime (DLR) in .NET, with some exceptions for legacy uses. It is a powerful tool often leveraged by red teamers for various activities, such a...DiscussPowershell
Chioma Ibeakanmachiomaibeakanma.hashnode.dev·Aug 15, 2024Account Takeover via Password Reset (Disclosed Tokens)Account takeover (ATO) vulnerabilities occur when an attacker gains unauthorized access to a user's account. One common vector for ATO vulnerabilities is through the password reset functionality. In this article, we will explore how vulnerabilities c...Discuss·21 likes·51 readsVulnerabilities with Chioma Ibeakanmapenetration testing
Joao Paulo Guedesth3g3ntl3m4n.hashnode.dev·Jul 14, 2024Baby - VulnlabEnumeration We started executing a full port scan on the host. ╭─[us-free-3]-[10.8.2.220]-[th3g3ntl3m4n@kali]-[~/vulnlab/baby] ╰─ $ sudo nmap -v -sS -Pn -p- 10.10.98.130 --min-rate=300 --max-rate=500 Now, we execute a port scan only on the open por...Discussjpfdevs cybersec
Blessing Mufaro Kashavathecyberstash.hashnode.dev·Jul 10, 2024PNPT Certification ReviewForeword While many articles discuss TCM Academy’s PNPT certification, I felt compelled to write my own review. Exceptional work deserves continuous praise and acknowledgment. This concise review aims to share my personal sentiments about the certifi...Discuss·66 readsCybersecurity Insightinfosec
