Hello guys back again with another tutorial this time am going to be showing you how i solved devme challenge from corCTF 2021. You are given a web page and performing manual enumeration reveals its running graphql under the hood. The graphql endpoint when passed an email address it creates…

Hello guys back again with another walkthrough this time we are going to be tackling Couch box from tryhackme. The box was a simple box yet an amazing one thanks to the creator of the box stuxnet. The box starts off by us doing a port scan and finding out…

Hello guys back again with another walkthrough. This time we will be tackling big-blind challenge from HSCTF. According to my opinion the challenge was a bit technical but nothing hard if you took a good look at the challenge. Am actually a part of a Kenyan team and i was…

Hello guy back again with another walkthrough on the box That’s The Ticket from TryHackMe. A really nice box that teaches the importance of understand the ins and out of how a vulnerability can be exploited and not only using payloads and not understanding how exactly the vulnerability occurred and…

Hello guys back again with another walkthrough this time we’ll be tackling VulnNet: Roasted from TryHackMe. Another amazing box from TheCyb3rW0lf. This box is purely an active directory box making it so phenomenal. We start off by finding a bunch of usernames from an SMB share and mutating it a…

Hello guys back again with another walkthrough. This time am going to be introducing SQL Injections and we are going to be solving a capture the flag challenge both automatically (using SQLMap) and manually by using burpsuite. SQL Injection vulnerability occurs when unsanitized user controlled input is passed to a…

Hello guys back again with another walkthrough this time we’ll be tackling VulnNet: dotjar from TryHackMe. Yet another amazing box from TheCyb3rW0lf. I really loved the box and it starts off us finding a a tomcat web application that is vulnerable to ghostcat vulnerability. A vulnerability that we’ve exploited before…

Hello guys back again with another walkthrough this time we’ll be tackling Cyber Apocalypse 2021 capture the flag hosted by HackTheBox. Since am part of a team this time i decided to do web challenges and i had a couple of solves. …