Tag feed

#web-exploitation

26 posts12 followers

Explore Hashnode

Alternatives

Trending tags this week

YPYogesh Peelaexploitnotes.hashnode.devJun 8 · 4 min read

Heart Part 7 — dalCTF 2026

Category: WebFlag: dalctf{p1mp_p1mp_h00r4y} Overview A multi-stage web challenge themed around Kendrick Lamar's m.A.A.d city / Kung Fu Kenny lore. The attack chain involved: SQL injection to bypas

0

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.devMar 8 · 14 min read

1 Introduction In this post, the Authorisation Bypass vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to identify any areas where a

0

AKAnkit Kumarkubesimplify.hashnode.devJan 17 · 7 min read

Exploiting Metasploitable2 Using msfconsole (Kali Linux Lab)

Exploiting Metasploitable2 Using msfconsole (Kali Linux Lab) Introduction msfconsole is the heart of the Metasploit Framework and one of the most powerful tools used by penetration testers to identify, exploit, and validate security vulnerabilities. ...

0

NSNull Sirynctfs.hashnode.devJan 1 · 4 min read

Multifactorial CTF Writeup: Bypassing MFA via WebAuthn Exploit

Challenge Description Category: Web exploitationAuthor: thee2d Modern authentication relies on more than just a password. Something you know, something you have, and something you are. Together, they're meant to provide layered security that can with...

0

NSNull Sirynctfs.hashnode.devJan 1 · 5 min read

Kramazon CTF Writeup: Cookie Forgery & IDOR Exploit

Challenge Description Category: Web exploitationAuthor: thee2d Intelligence analysts from the North Pole Logistics Directorate (NPLD) have uncovered a covert online storefront operated by the KRAMPUS Syndicate. Its name? Kramazon. Looks familiar. Wor...

0

ZOZeroTrust Opsnavyacyber.hashnode.devJan 1 · 2 min read

Day 24: Exploitation with cURL — Hoperation Eggsploit

On Day 24, I reached the final technical hurdle before the ultimate battle with King Malhare. The mission, "Hoperation Eggsploit," required me to shut down a web control panel that the evil Easter Bunnies were using to keep a wormhole open for reinfo...

0

ZOZeroTrust Opsnavyacyber.hashnode.devJan 1 · 3 min read

Day 20: Race Conditions — Toy to The World

For Day 20, the investigation focused on a sophisticated web vulnerability that allowed attackers to disrupt the Best Festival Company's (TBFC) limited-edition toy launch. Although only 10 sleigh toys were in stock, hundreds of customers received con...

0

ZOZeroTrust Opsnavyacyber.hashnode.devDec 31, 2025 · 2 min read

Day 14: Container Escape – Saving DoorDasher

The Mission: Breaking the "Beardgate" Siege The situation in Wareville is critical: customers are being served authentic strands of Santa’s beard instead of noodles. A security engineer was locked out by Sir CarrotBaine before he could restore the si...

0

ZOZeroTrust Opsnavyacyber.hashnode.devDec 27, 2025 · 2 min read

Cyber Speed Run: Crushing TryHackMe Advent of Cyber 2025

Introduction: Back for More at Wareville Following my deep dive into Active Directory, I am taking a massive leap into hands-on practice with the TryHackMe Advent of Cyber 2025. For the uninitiated, this is a free, story-driven event that teaches cri...

0

YYoannfr3nch4writeups.hashnode.devNov 2, 2025 · 9 min read

Previous HTB

Recon ┌──(kali㉿kali)-[~] └─$ nmap -sC -sV -O -p- 10.10.11.83 -Pn Les règles du Pare-feu m'empêchent, de faire mon scan habituel. ┌──(kali㉿kali)-[~] └─$ nmap -sS -P0 10.10.11.83 -sV Starting Nmap 7.95 ( https://nmap.org ) at 2025-09-22 18:24 EDT Nmap...

0

#web-exploitation

Search Hashnode

#web-exploitation

Explore Hashnode

Trending tags this week

Heart Part 7 — dalCTF 2026

Authorisation Bypass in DVWA

Exploiting Metasploitable2 Using msfconsole (Kali Linux Lab)

Multifactorial CTF Writeup: Bypassing MFA via WebAuthn Exploit

Kramazon CTF Writeup: Cookie Forgery & IDOR Exploit

Day 24: Exploitation with cURL — Hoperation Eggsploit

Day 20: Race Conditions — Toy to The World

Day 14: Container Escape – Saving DoorDasher

Cyber Speed Run: Crushing TryHackMe Advent of Cyber 2025

Previous HTB