Let me continue with another post on another awesome and very troll machine from vulnhub it was great at the beginning then all down hill from there incredibly full of rabbit holes and lot’s of creativity to get this one down but still a very laughable one and enjoyable. Start with an nmap scan First … Continue reading Troll Write-Up
Let me start very simple so I kinda wanted to sharpen more my skill in pentesting and decided to do as many vulnhub boxes that I can on my free time, as it seems some of these old school hacks are still very reliable as they still show to appear in the wild so for … Continue reading Goatse Write-Up
So the reason I am calling this a Pentest Challenge is cause it seems that a few people new to the industry don’t understand the fact of computer security seems that the famous ‘iPhone’ is still unbreakable and looks like they still don’t understand that this “hacking” can happen to ANYBODY you do not need … Continue reading Pen-test Challenge
Let me get started that these techniques that I am writing are the most basics one’s out there I am keeping a reminder here that sometimes simplicity works and I don’t need to go the extra mile for an AV Evasion when sometimes I would like to say that 50% of the times nobody updates … Continue reading AV Evasion
OSCP Passed!! Some of my thoughts on this Well after some sleepless nights, poor meals and hard work #TryHarder I am glad to say that I officially passed the OSCP challenge it was a challenge I do say really got me into researching lot’s and I do mean lot’s of enumeration that is the of … Continue reading OSCP Review (Another one…)
I’ve been busy lately with new attack tools, hackthebox, practical pen-test and pen-tester academy (Wow whats wrong with me) but I have been working on me OSWP (Offensive Security Wireless Professional) So without many spoilers I will mention that this test is amazing the course gets really into detail with wireless attacks (outdated, but who … Continue reading OSWP Thoughts
Finally after some hard work I managed to understand and create my first buffer overflow it has been amazing and really worth the learning of course some people might say that this is really to old school as there are different and more techniques to create and detect buffer overflows but sometimes the basic is … Continue reading Buffer Overflows (Free-float FTP)
So lets say you have a shell on a machine that you gain access to over WAN (not LAN totally two different things) you’ve gain root but now you are interested in checking out the local network of your target this is were Port Redirection comes in handy Tools will use: Metasploit Nmap Proxychains … Continue reading Dynamic Port Redirection (Meterpreter)
Today is a quick example on how to brute force a low security login form on the DVWA machine using Hydra You will need Kali Linux Hydra DVWA Burp Suite Wordlist First we need to capture the Login request with Burp to get a Cookie and a response to see how the page works when … Continue reading DVWA Brute Force (Hydra)
Well it took me a while to write my first post but I was really thinking what do I really wanted to start writing about?? what was good that I can write for my first post……SO after much thinking I just gave up and decided to just write posts about stuff that I would need … Continue reading Web Vulnerability
Just in general. Hello everyone I am starting this blog for myself to remember stuff and use it as a cheat sheet with commands that I found very useful, but if it manages to help anyone along the way with there info-sec path that would be awesome, always willing to learn new stuff, focused primarily … Continue reading Hello
