introduction — Hello guys and welcome back to my channel this time am going to be taking you through a CTF challenge from CTFROOM called insecure. The challenge show the limitations of using preg_replace() in PHP for match and replace operations and how it can be exploited to cause unintended functionality in a web application. It’s a really simple and fun challenge and without much say lets jump in

introduction — Hello guys back again with another walkthrough this time we are going to be tackling surfer from tryhackme which teaches about server side request forgeries or commonly known as SSRF. We are going to utilize this attack to gain access to internal infrastructure of the system and retrieve the flag…

introduction — Hello guys back again with another walkthough this time we are going to be tackling Corridor from TryHackMe. The box demonstrates an Insecure direct object reference vulnerability but with a bit of twists. The images we are trying to access have been md5 hashed so they look totally random but…

introduction — Hello guys back again with another walkthrough. This time am going to be showing how I tackled a binary called bad_timing. It was sent over by a friend who just asked me to analyze and exploit any bug I could find. My initial thought was that I was supposed to…

introduction Hello guys back again with another walkthrough this time we are going to be tackling Hacker vs. Hacker from TryHackMe. The box was rated easy but you could have a hard time if you came in with an attacker’s mindset. After performing a nmap scan you discover that port…

intoduction — Hello guys back again with another walkthrough this time we are going to be tackling Agent T from TryHackMe. A nice easy box that just needed you to identify the version of PHP running then looking online you discover it has a backdoor that leads to remote code execution then…

introduction Hello guys back again with another walkthrough of Committed from TryHackMe. The walkthrough will be short this time. We are required to do some forensics on a git repository nothing too fancy but it teaches an important lesson. We first start a machine and download a zip file. Extract…

Introduction — Hello guys back again with another walkthrough this time we are going to be tackling Annie from tryhackme a really amazing box by TobjasR. The box is rated as a medium but according to my opinion it can be classified as an easy box since it just has two steps…

Hello guys back again with another walkthrough. My vacation just begun meaning more writeups to be seen in the next few days depending on TryHackMe releases timeline. This time we are going to be tackling Mr. Phisher from TryHackMe. The room consist of a document that is supposed to simulate…