Author: admin

  • Nunchucks Penetration Testing: A Close Look

    Summary: Nunchucks is a Linux machine rated as an easy box by Hack The Box. On this box, we will begin with a basic port scan and move laterally based on the findings. Then we will enumerate HTTP services and hunt for vulnerabilities present on the web page. Laterally, we will exploit server-side template…

  • Exploring Blackfield Penetration Testing

    Summary: Blackfield is a Windows Active Directory machine rated as a hard box by Hack The Box. This box has various interesting vulnerabilities and security misconfigurations. As usual, we began with a basic nmap scan as part of enumeration and noticed that an SMB null session was enabled. Then we discovered a…

  • Becoming the Ultimate Pentester: Mastering the Art of Penetration Testing with Pentester Club

    Welcome to Pentester Club! In this video, we are thrilled to present to you an opportunity to enhance your penetration testing skills to a mastery level, ultimately making you the king of the field. Join us on this transformative journey as we guide you through the art of penetration testing, equipping you with the tools…

  • Cracking the Code: Mastering the Boot to Root CTF Challenge

    In this exciting video, join us as we dive deep into the world of ethical hacking and take on the thrilling “Boot to Root CTF Challenge”. This interactive challenge will test your skills and knowledge in cracking a complex code, ultimately leading you to gain full control over the target system. With our expert guidance,…

  • Uncover the Secrets of Napping Penetration Testing

    Napping is a machine I created where I wanted to highlight the exploit of Tab Nabbing. We use the Tab Nabbing attack to phish out some credentials from an administrator who happens to use the same credentials to SSH into the machine. Then we see that we can write to a Python script that is…

  • The Planets: Venus VulnHub — Write-up

    Enumeration: First, let's scan the VM with nmap (nmap -sV -Pn 192.168.56.106) to find open ports. We can see the server has SSH running on port 22 and a web server on port 8080, so let's check that one out. Here we can use the suggested credentials (guest:guest) and we get to a monitoring page but we can't…

  • The Ultimate Guide to Garudapurana CTF Penetration Testing

    Introduction: Today we are going to crack this vulnerable machine called GarudaPurana. This is a Capture the Flag type of challenge. Overall, it was an Intermediate machine to crack. Penetration Testing Methodology Walkthrough Network Scanning To attack any machine, we need to find the IP Address of the machine. This can be done using the…

  • Recover Hacked Website

    As Blue team cybersecurity analysts, we discovered a Local File Inclusion (LFI) backdoor on a website utilizing the WordPress framework. Through utilizing Hashcat rules and password mutation techniques, we were able to uncover login credentials and regain access to the compromised machine, known as the “Red” machine. However, it is important to note that the…

  • The Planets: Earth CTF

    Hello, today we are trying to get the flags from the second machine from The Planets series: Earth! This is more challenging than the first one, which was Mercury; however, this is a great way to learn some techniques that are repeatable, especially during the scanning and information gathering phase. This CTF is coming in…

  • SS7 — THE DEADLIEST ATTACK

    The advent of smartphones has brought about a revolutionary transformation in telecommunications, surpassing conventional expectations with their multifaceted utility. However, a recent report has unveiled a concerning trend: children now spend twice as much time on their smartphones as they do engaging in conversations with their parents. This revelation is disconcerting, given the extensive role…