Posts by Category
Tutorials
Web Security Vulnerabilities - Broken Authentication
Authentication is the process of verifying the identity of a user. It ensures that the person or system interacting w...
Web Security Vulnerabilities - Server Side Request Forgery
Server Side Request Forgery, also known as SSRF, is a web security vulnerability that allows an attacker to manipulate...
Web Security Vulnerabilities - SQL Injection
SQL Injection, also known as SQLI, is a web security vulnerability that allows an attacker to inject malicious querie...
Web Security Vulnerabilities - Cross Site Scripting (XSS)
Cross-Site Scripting, also known as XSS, is a web security vulnerability that allows attackers to inject malicious sc...
SIEM Tutorial - Part 3
Hello, in part 2, we covered what Splunk is, its components, explored its interface, and solved a small piece of the `...
SIEM Tutorial - Part 2
Hello security analysts, today I'm back with the second part of the SIEM tutorial. In the first part, we discussed lo...
SIEM Tutorial - Part 1
Hello everyone, today I'm going to share with you a series of tutorials about SIEM solutions. The tutorial consists of th...
HackTheBox
Drive Machine Writeup
Drive is a HackTheBox Hard Linux machine which starts with a website where I can upload, store, edit, and share files. a...
OnlyForYou Machine Writeup
OnlyForYou is a medium Linux machine that includes LFI exploitation, code execution, cypher injection in `neo4j` data...
Shared Machine Writeup
Shared is a medium Linux machine that involves exploiting SQL injection, IPython and Redis.
Trick Machine Writeup
Trick is an easy Linux machine that involves exploiting SQL injection, LFI and the fail2ban service.
Faculty Machine Writeup
Faculty is a medium Linux machine that involves mpdf exploitation, meta-git and privilege escalation with gdb.
Timelapse Machine Writeup
Timelapse is an easy Windows machine that involves SMB enumeration, password hash cracking, and exploitation of weak ...