Learning Series: SQL Injection attack method
In this post, I would like to share some knowledge about SQL Injection which can be useful during Penetration Testing activity. Before we went deeper into it, I will try…
Hack The Box: (Unintended Way) To obtain a root shell using CVE-2022-2588 Vulnerability on Faculty HTB
In this post, I would like to share some Unintended ways to obtain the root shell by using the vulnerability of the Faculty machine that recently retired which can be…
Learning Series: Bypass AV detection using HoaxShell
In this post, I would like to share a way to bypass AV detection by using HoaxShell which that tool has been created by t3l3machus. What is HoaxShell? HoaxShell is…
Hack The Box: Perspective Machine Walkthrough – Insane Difficulty
In this post, I would like to share a walkthrough of the Perspective Machine from Hack the Box This room will be considered an Insane machine on Hack the Box What will…
Hack The Box: (Unintended) way to get Root Privileges Access using the latest version JuicyPotato
What is JuicyPotato Vulnerability? Those who have experienced Pentester and had a good time testing with Windows Escalation Method, they are surely heard about JuicyPotato at least once. Therefore, for…
Learning Series: Server-Side Template Injection (SSTI)
What is Server-Side Template Injection? An attack that allows the attacker to use the native template syntax to inject a few malicious payloads into the template is been called Server-side…
Learning Series: Directory Traversal Attack Method
In this post, I want to share on Directory Traversal Attack Method which can be useful during any Red Teaming OR Penetration Testing Before I share the demo of the…
Custom Binary Exploitation
In this post, I would like to explore more binary exploitation such as nreport which will improve my skills and knowledge. For a record, the binary file is coming from…