TECHNICAL How to Hack An Insecure Web App: OWASP WebGoat Challenge (Part 2) Mars Groves teaches us how to steal credit cards from a database as part of the OWASP WebGoat challenge.
TECHNICAL Attack Defense: Windows Basic Exploitation #8 Part 8 of our popular attack/defense series on basic Windows exploitation.
TECHNICAL Attack Defence: Windows Basic Exploitation #7 In this article, you will learn how to exploit an OSGi Console using Metasploit and gain access to your target system.
TECHNICAL Understanding Linux Cron Jobs Understanding the role of Linux cron jobs and how they can help you during penetration tests.
TECHNICAL Hacking GraphQL for Fun and Profit (2): Methodology & Examples Part two of our popular series on hacking GraphQL for fun and profit. In this article we focus on the methodology.
TECHNICAL Recon Basics: Tornado Webserver Tornado is a Python webserver framework developed by FriendFeed. It can scale to tens of thousands of open connections, making it ideal for WebSockets.
TECHNICAL Attack Defence: Windows Basic Exploitation #6 Learn how to exploit CGI Servlet in Apache Tomcat in part six of basic Windows exploitation.
TECHNICAL Client-Side Encryption Bypass (2) Part two in Sameer Bhatt's series on client-side encryption bypass.
TECHNICAL Gunicorn Recon Basics Part three of Gurkirat Singh's series on web server reconnaissance, this time focusing on Gunicorn.
TECHNICAL Recon Basics: Apache Server A writeup of the Attack/Defence lab for learning Apache webserver recon.
TECHNICAL Client-Side Encryption Bypass using DevTools Part-1 In this article, we will discuss the extra security layer implemented inside application encryption mechanisms.
TECHNICAL Learn How To Build A Low-Cost Rubber Ducky Type Device Learn how to build a low-cost Rubber Ducky device to execute an attack seen on the Mr. Robot TV show.
TECHNICAL Bypass Strict Input Validation With Remove Prefix and Suffix Patterns Learn how to bypass strict input validation on a web app that prevents you from sending RCE payloads.
TECHNICAL Attack Defence: Windows Basic Exploitation #5 Part five in our series on basic Windows exploitation; in this episode we focus on exploiting the Apache Tomcat webserver.
TECHNICAL HTB Passage Walkthrough Welcome back to another of my HackTheBox walk throughs, this time I will take on the Simple machine. It gets a bit tricky to understand how to proceed for the root flag. Let's go! nmap -A -T4 10.10.10.206 Starting Nmap 7.80 ( https://nmap.org ) at 2020-09-26
TECHNICAL Attack Defence: Windows Basic Exploitation #4 Hello everyone, I have returned to tackle part four of my series on Windows exploitation. In this episode you will learn how to exploit the Process Builder utility to gain access to a Windows environment. I recommend you first try out this lab on Attack Defence => https://www.attackdefense.com/challengedetails?
TECHNICAL HTB Academy Walkthrough This time I will be taking on the Academy box, join me on this technical HackTheBox walkthrough.
TECHNICAL Unrelease Resource Stream: Sometimes Garbage Collectors Do Not Save Us The problem of not releasing the resources we use is that over time the server fills up with things to do and is no longer able to process incoming requests, causing a disservice.
TECHNICAL HTB Jewel Walkthrough Let's explore an interesting box with an unusual "illogical" passage in this hack-the-box write-up.
TECHNICAL HTB Doctor Walkthrough This time we will be taking on the HTB Doctor challenge, it seems to be an easy BOX, but perhaps not too easy.
TECHNICAL RegEx: Sequence Is Important Regular Expressions, known as RegEx, are cool, they are extremely useful and allow us to do beautiful things.