Tag: Penetration Testing

In this post, I would like to share a walkthrough of the Ambassador Machine from Hack the Box This room will be considered a medium machine on Hack the Box What will…

What is Phar Deserizalition to Remote Code Execution? Phar file also known as PHP Archive will normally contain metadata that is written in a serialized format. As a result, the…

There is no excerpt because this is a protected post.

What is API Penetration Testing? For those who are not familiar with API Penetration Testing, it’s a test activity that involves all the processes of vulnerability assessment and ensures that…

A little bit of explanation on Kerberos and Impacket In this post, I would like to share my knowledge and skills about the Kerberos which we will take advantage of…

In this post, I would like to share some information on the Insecure Direct Object Reference (IDOR) vulnerability. What is IDOR Vulnerability? For those who are not familiar with IDOR…

In the post, I would like to share some tricks that I learned such as using the WSUS Trick while playing with the Outdated Machine which the walkthrough over here…

In this post, I would like to share some knowledge about SQL Injection which can be useful during Penetration Testing activity. Before we went deeper into it, I will try…

In this post, I would like to share a walkthrough of the Perspective Machine from Hack the Box This room will be considered an Insane machine on Hack The Box What will…

What is Server-Side Template Injection? An attack that allows the attacker to use the native template syntax to inject a few malicious payloads into the template is been called Server-side…