On this post, I would like to share the trick to tackle Basic Pentesting. The objective of this machine would be to gain skills and knowledge on web application hacking and privilege escalation. From the information that we can see

Continue ReadingTryHackMe: Basic Pentesting

In this challenges, i would experience how Security Event been analysis by Security Analyst. Our first task to download the pcap file into your machine and analysis it. For this activity, you will need to install and use wireshark to

Continue ReadingTryHackMe: Overpass 2 Walkthrough

In this post, I would like to share some challenges on a basic level of Local File Inclusion(LFI) attack on the TryHackMe. For those are not familiar with LFI attack, it’s a method which the attacker to trick the web

Continue ReadingTryHackMe: Inclusion – A beginner level LFI challenge

What is Lateral Movement attack? For those are not familiar with Lateral Movement attack, it normally an attack that related to cyberattack techniques that used whenever they successfully gain initial access in order to go deeper within the network. The

Continue ReadingLateral Movement attack Review

In this post, I would like to share some technical areas that I have to try on TryHackMe website. I’m also still learning about CyberSecurity stuff and it’s a lot website learn and power up your skills. I want to

Continue ReadingTryHackMe: Advent of Cyber 2 – Day 1

In this post, I would like to share knowledge and experience while doing Database Penetration Testing. The purpose of Penetration Testing is to find vulnerabilities within the system and simulate the controlled environment if there is any cybersecurity attack which

Continue ReadingDatabase Penetration Testing

Recently, a trojan called Alien which is a new ‘fork’ of Cerberus Banking Trojan that normally targets victim’s credentials from more than 200 mobile applications includes Bank of America and Microsoft Outlook. Alien Trojan has been detected active since early

Continue ReadingAndroid Banking New Trojan

Security Testing is a must whenever talking about device especially mobile application. Mobile device such as iOs and APK have run on various of programming language and frameworks where the mobile apps developers will be using for creating applications. An

Continue ReadingIoS Security Testing

I’m sure that most of the people know what Automated Teller Machine (ATM) is and what is used in our daily life. Just for a reminder for those are not familiar with ATM, so Automated teller machine (ATM) is an

Continue ReadingATM Assessment

In this post, i would like to share one attack method that will take advantage on QR Code which called Quick Response Code Login Jacking (QRLJacking). QRLJacking is a new method that most people might not even heard before. QRLJacking

Continue ReadingQRLJACKING and QRLJACKER