Protected: Hack The Box: Toxic Challenge – Easy Difficulty
There is no excerpt because this is a protected post.
Security Awareness for all users
There is no excerpt because this is a protected post.
In this post, I would like to share a walkthrough of the Inject Machine from Hack the Box This room will be considered an Easy machine on Hack the Box What…
There is no excerpt because this is a protected post.
In this post, i would like to share a method that i have learned while playing with Bagel Machine. The vulnerability attack that i mentioned here is by using dotnet…
Dompdf Vulnerability For those who are not familiar with Dompdf, Synk has released a few vulnerabilities that are related to Dompdf over here. Based on the description here, the vulnerability…
What are AMSI and AppLocker bypasses? This is a Windows Machine that might have some security features that might be preventing the reverse shell from running on the machine itself.…
In this post, I would like to share a weakness of ModSecurity that has been used within the Sekhmet Machine. The full writeup on the Sekhmet machine can be found…
In this post, I would like to share how to escape the docker environment to obtain Root Privileges Access on the machine itself. However, I did manage to get Root…
What is Varnish’s HTTP cache? To be honest, it’s my debut of hearing about the Varnish HTTP cache and my first time exploiting it. As a result, let’s try to…
What is JWT? For those who are not familiar with JSON tokens, it’s a method to securely exchange data, especially an LFI attack in which the application uses a JSON…