In this post, I would like to share some knowledge about SQL Injection which can be useful during Penetration Testing activity. Before we went deeper into it, I will try to explain what is SQL Injection for those who are not familiar with it. SQL injection […]
In this post, I would like to share some Unintended ways to obtain the root shell by using the vulnerability of the Faculty machine that recently retired which can be read here Enumerate the Faculty HTB server using linpeas script Firstly, we need to upload linpeas.sh […]
In this post, I would like to share a way to bypass AV detection by using HoaxShell which that tool has been created by t3l3machus. What is HoaxShell? HoaxShell is a tool that contains unconventional Windows Reverse Shell which can be undetected by Mircosoft Defender. Guys, […]
In this post, I would like to share a walkthrough of the Perspective Machine from Hack the Box This room will be considered an Insane machine on Hack the Box What will you gain from the Perspective machine? For the user flag, you will need to exploit an […]
What is JuicyPotato Vulnerability? Those who have experienced Pentester and had a good time testing with Windows Escalation Method, they are surely heard about JuicyPotato at least once. Therefore, for people out, there should not fret who are not familiar with Windows Escalation at all and […]
What is Server-Side Template Injection? An attack that allows the attacker to use the native template syntax to inject a few malicious payloads into the template is been called Server-side template injection or also known as SSTI. Normally, the attacks will work when the attacker makes […]
In this post, I want to share on Directory Traversal Attack Method which can be useful during any Red Teaming OR Penetration Testing Before I share the demo of the attack over here, let’s study the methodology and the process of the attack on the website. […]
In this post, I would like to explore more binary exploitation such as nreport which will improve my skills and knowledge. For a record, the binary file is coming from OverGraph Machine on Hack the Box Platform. Before we start to analyze the binary file, we […]