Difficulty: Insane #NMAP: Nice, seems to be a WordPress site. Now let’s go browse. Being a wordpress site, I already know the login directory is wp-login.php. Navigate on it. The first thing I can think of is to use a fantastic tool, “wp-scan” and enumerate the users. Or see if we can find any vulnerabilities…

In this Article, I conduct a thorough penetration testing on my school’s website to ensure its security against potential cyber threats. By simulating various hacking techniques, I aim to uncover any vulnerabilities that could compromise sensitive information. Follow along as I demonstrate the importance of regular security assessments and how to protect your online assets.…

In this video, we explore the world of DevOps penetration testing and how it can help secure your infrastructure. With the rise of DevOps practices, it’s crucial to ensure that your systems are protected from potential threats. Join us as we discuss the importance of penetration testing in a DevOps environment and how it can…

Welcome to our video discussing the journey to success for cybersecurity firms! In this video, we dive into the steps and strategies that top-level organizations can take to stay proactive in cybersecurity measures. As cyber threats continue to evolve, cybersecurity firms play a crucial role in protecting businesses from potential attacks. By understanding the unique…

Welcome to our comprehensive guide on mastering Joomla penetration testing! In this video, we will cover everything you need to know to effectively test the security of Joomla websites. From understanding common vulnerabilities to exploring advanced techniques, this guide will equip you with the knowledge and skills to confidently assess the security of Joomla sites.…

BassamCTF is an easy machine from Vulnhub. However, it requires a bit of enumeration that are straightforward. Find the IP address First of all, I identified the IP address of the target machine. Here, host ID 100 is my IP address, whereas 146 is the target. Scan open ports Next, I scanned open ports on…

This comprehensive guide delves into the intricacies of Lateral Movement utilizing Ligolo-Ng, a tool developed by Nicolas Chatelain. The Ligolo-Ng tool facilitates the establishment of tunnels through reverse TCP/TLS connections using a tun interface, avoiding the necessity of SOCKS. This guide covers various aspects, from the tool’s unique features to practical applications such as single…

In this video, we will be diving deep into the world of command injection penetration testing. Command injection is a type of vulnerability that allows an attacker to execute arbitrary commands on a system. By uncovering such vulnerabilities through thorough testing, we can prevent potential security breaches and protect our systems from malicious attacks. During…

Welcome to the ultimate ICMP hping3 monitoring penetration testing guide! In this video, we will explore how to use hping3 for monitoring network connectivity and security using ICMP (Internet Control Message Protocol) packets. ICMP is a vital protocol in network communication, often used for troubleshooting and monitoring network issues. Hping3 is a powerful command-line tool…

Summary GoodGames is a Linux machine and is considered an easy box. but it was tricky indeed. On this box, we will begin with a basic port scan and move laterally. Then we will enumerate domain name and subdomains. Then we will exploit SQL Injection vulnerability using burp and SQLmap. Exploitation of the server-side template…