Introduction — Hello guys and welcome back to another episode this time we are going to be solving a box from tryhackme called Valley. It was a box marked as easy and it felt like an easy box according to my opinion. We start of by doing an Nmap scan of the…

introduction — Hello guys hack again with another walkthrough this time we are going to be teaching a little bit of scripting with python while solving a web challenge on hackthebox platform called Emdee five for life. The challenge begins by asking you if you can encrypt fast enough

introduction — Hello guys back again with another walkthrough. I was away working on my OSCP certification and I passed with 100 points. Am planning on doing an episode on my experience probably this week or next week. Today we are going to be looking at weasel from TryHackMe a box rated medium on TryHackMe but in my opinion i thought it was easy so long as proper enumeration was done. We run an Nmap scan of the box and discover that 6 ports are open. We get a Jupyter notebook token and get code execution on a Linux container then retrieve some OPENSSH and login to a windows server and perform privilege escalation through AlwaysInstallElevated. We also introduce a really Amazing C2 framework called sliver

introduction — Hello guys and welcome back for another walkthrough this time we are going to be tackling a machine from HackMyVm called Hotel a CTF like machine where we gain an initial foothold by exploit a remote code execution vulnerability (RCE) in a web application software called HotelDruid then after getting a shell on the box we find a ttylog file and using ttyplay we are able to read the file and get credential of the user person login into the system via SSH as the person user then exploit a misconfiguration on wkhtmltopdf to get root on the box it’s a really nice challenge and we are going to be doing a little bit of port forwarding using ngrok without much say let jump in

introduction — Hello guys and welcome back to my channel this time am going to be taking you through a CTF challenge from CTFROOM called insecure. The challenge show the limitations of using preg_replace() in PHP for match and replace operations and how it can be exploited to cause unintended functionality in a web application. It’s a really simple and fun challenge and without much say lets jump in

introduction — Hello guys back again with another walkthrough this time we are going to be tackling surfer from tryhackme which teaches about server side request forgeries or commonly known as SSRF. We are going to utilize this attack to gain access to internal infrastructure of the system and retrieve the flag…

introduction — Hello guys back again with another walkthough this time we are going to be tackling Corridor from TryHackMe. The box demonstrates an Insecure direct object reference vulnerability but with a bit of twists. The images we are trying to access have been md5 hashed so they look totally random but…

introduction — Hello guys back again with another walkthrough. This time am going to be showing how I tackled a binary called bad_timing. It was sent over by a friend who just asked me to analyze and exploit any bug I could find. My initial thought was that I was supposed to…

introduction Hello guys back again with another walkthrough this time we are going to be tackling Hacker vs. Hacker from TryHackMe. The box was rated easy but you could have a hard time if you came in with an attacker’s mindset. After performing a nmap scan you discover that port…