Saturday, March 31, 2018

CoinGame 200 Writeup - Nuit Du Hack CTF 2018


Hey there, here is my writeup for a frustrating and easy challenge at the same time during the 'Nuit Du Hack Qualification CTF of 2018'.

Wednesday, March 7, 2018

Pinky's Palace v1 Walkthrough

Hey everyone, welcome to my write-up of the fresh VulnHub's VM Box; it was really a nice one so I liked to share the solution with you Geeks! This machine was realistic and it actually have two nice parts from real Penetration Testing: Web Application Security (USER Process) mixed with Binary Exploitation (ROOT Process), let's jump into the GAME.

Sunday, March 4, 2018

From SQL Injection to Shell - PenTesterLab | Walkthrough

This vulnerable virtual machine details the exploitation of an SQL injection vulnerability in a PHP based website, it basically show how an attacker can use it to gain access to the administration page. Then, using this access, the attacker will be able to gain code execution on the box.

Tuesday, February 27, 2018

Enum 150 Writeup - TamuCTF 2k18

Texas A&M University CTF (TamuCTF) event was really one of the best CTFs, most of the challenges are realistic and I like that. In this writeup we will see the solution of the best challenge of this whole CTF contest. Honestly, it was like a PenTest challenge and not just a simple CTF one.

Thursday, February 15, 2018

Mr. Robot v1 Walkthrough

In this little article I'll be sharing the solution of the Mr.Robot v1 VulnHub's machine! It is really a cool machine. Based on the show, Mr. Robot. This VM has three keys hidden in different locations. Our goal is to find all three flags. Each flag is progressively difficult to find. The level is considered beginner-intermediate. Let's jump in 😀

Tuesday, February 13, 2018

The Perfect Exploit Submission for Exploit-DB

The Exploit Database is a CVE compliant archive of public exploits, shellcodes and security papers, maintained by Offensive Security, an information security training company. Their aim is to provide the most comprehensive collection of exploits and proof of concepts for different vulnerabilities of different products and systems to help security researchers and penetration testers in accomplishing their daily life jobs, etc.

Monday, February 5, 2018

Awesome Curated List of Environments and Platforms for Hacking and CTFs!

Lot of people think that hacking and security is all about reading books and watching tutorials! But unfortunately that is completely wrong! Since, you are into a field related to IT you'll need to practice a lot. Practicing things you learn will develop your skills to the next level!
For that, there is bunch of resources on the net out there! Platforms, Environments and more to practice Hacking/Pen-Testing ethically and safely! My job in this article is to share with you a list of my preferred platforms and environments; Enjoy.

Port Knocking 101

In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of pre-specified closed ports. Once a correct sequence of connection attempts is received, firewall rules are dynamically modified to allow the host to connect over specific port.