Open in app

Sign In

Write

Sign In

Musyoka Ian
Musyoka Ian

632 Followers

Home

About

1 day ago

How I passed OSCP with 100 Points

Hello guys welcome back to another episode this time am going to be giving my experience on how OSCP was like and what i did to pass the exam with 100 points. I also give recommendation on what i could have done better during and after the exam. I hope you enjoy the episode without much day let’s jump in I recorded the episode on my YouTube channel if you want to watch it, you can access using the link below

Oscp

1 min read

How I passed OSCP with 100 Points
How I passed OSCP with 100 Points
Oscp

1 min read


3 days ago

Valley TryHackMe Walkthrough

Introduction — Hello guys and welcome back to another episode this time we are going to be solving a box from tryhackme called Valley. It was a box marked as easy and it felt like an easy box according to my opinion. We start of by doing an Nmap scan of the…

Valley Tryhackme

1 min read

Valley TryHackMe Walkthrough
Valley TryHackMe Walkthrough
Valley Tryhackme

1 min read


3 days ago

Emdee five for life HackTheBox Walkthrough

introduction — Hello guys hack again with another walkthrough this time we are going to be teaching a little bit of scripting with python while solving a web challenge on hackthebox platform called Emdee five for life. The challenge begins by asking you if you can encrypt fast enough

Emdee Five For Life

5 min read

Emdee five for life HackTheBox Walkthrough
Emdee five for life HackTheBox Walkthrough
Emdee Five For Life

5 min read


May 21

Weasel TryHackMe Walkthrough

introduction — Hello guys back again with another walkthrough. I was away working on my OSCP certification and I passed with 100 points. Am planning on doing an episode on my experience probably this week or next week. Today we are going to be looking at weasel from TryHackMe a box rated medium on TryHackMe but in my opinion i thought it was easy so long as proper enumeration was done. We run an Nmap scan of the box and discover that 6 ports are open. We get a Jupyter notebook token and get code execution on a Linux container then retrieve some OPENSSH and login to a windows server and perform privilege escalation through AlwaysInstallElevated. We also introduce a really Amazing C2 framework called sliver

Tryhackme Walkthrough

1 min read

Weasel TryHackMe Walkthrough
Weasel TryHackMe Walkthrough
Tryhackme Walkthrough

1 min read


Jan 16

Hotel HackMyVm Walkthrough

introduction — Hello guys and welcome back for another walkthrough this time we are going to be tackling a machine from HackMyVm called Hotel a CTF like machine where we gain an initial foothold by exploit a remote code execution vulnerability (RCE) in a web application software called HotelDruid then after getting a shell on the box we find a ttylog file and using ttyplay we are able to read the file and get credential of the user person login into the system via SSH as the person user then exploit a misconfiguration on wkhtmltopdf to get root on the box it’s a really nice challenge and we are going to be doing a little bit of port forwarding using ngrok without much say let jump in

Remote Code Execution

1 min read

Hotel HackMyVm Walkthrough
Hotel HackMyVm Walkthrough
Remote Code Execution

1 min read


Jan 9

Insecure web challenge CTFROOM

introduction — Hello guys and welcome back to my channel this time am going to be taking you through a CTF challenge from CTFROOM called insecure. The challenge show the limitations of using preg_replace() in PHP for match and replace operations and how it can be exploited to cause unintended functionality in a web application. It’s a really simple and fun challenge and without much say lets jump in

Ctf Writeup

1 min read

Insecure web challenge CTFROOM
Insecure web challenge CTFROOM
Ctf Writeup

1 min read


Oct 14, 2022

Surfer TryHackMe walkthrough

introduction — Hello guys back again with another walkthrough this time we are going to be tackling surfer from tryhackme which teaches about server side request forgeries or commonly known as SSRF. We are going to utilize this attack to gain access to internal infrastructure of the system and retrieve the flag…

Ssrf

5 min read

Surfer TryHackMe walkthrough
Surfer TryHackMe walkthrough
Ssrf

5 min read


Oct 1, 2022

Corridor TryHackMe Walkthrough

introduction — Hello guys back again with another walkthough this time we are going to be tackling Corridor from TryHackMe. The box demonstrates an Insecure direct object reference vulnerability but with a bit of twists. The images we are trying to access have been md5 hashed so they look totally random but…

Corridor

5 min read

Corridor TryHackMe Walkthrough
Corridor TryHackMe Walkthrough
Corridor

5 min read


Sep 25, 2022

Bad Timing binary exploitation challenge

introduction — Hello guys back again with another walkthrough. This time am going to be showing how I tackled a binary called bad_timing. It was sent over by a friend who just asked me to analyze and exploit any bug I could find. My initial thought was that I was supposed to…

Prng

7 min read

Bad Timing binary exploitation challenge
Bad Timing binary exploitation challenge
Prng

7 min read


Aug 12, 2022

Hacker vs. Hacker TryHackMe Walkthrough

introduction Hello guys back again with another walkthrough this time we are going to be tackling Hacker vs. Hacker from TryHackMe. The box was rated easy but you could have a hard time if you came in with an attacker’s mindset. After performing a nmap scan you discover that port…

Incident Response

8 min read

Hacker vs. Hacker TryHackMe Walkthrough
Hacker vs. Hacker TryHackMe Walkthrough
Incident Response

8 min read

Musyoka Ian

Musyoka Ian

632 Followers

Penetration Tester/Analytical Chemist who Loves Cybersecurity. GitHub(https://github.com/musyoka101), ExploitDB(https://www.exploit-db.com/?author=10517)

Following
  • Barack Obama

    Barack Obama

  • Nelly Mutai

    Nelly Mutai

  • Kipkirui Victor

    Kipkirui Victor

  • FoxSin34

    FoxSin34

See all (5)

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech

Teams