In this post, I would like to share some information on the Insecure Direct Object Reference (IDOR) vulnerability. What is IDOR Vulnerability? For those who are not familiar with IDOR vulnerability, it’s an attack type that accesses control vulnerability that is executed when the application is […]
In this post, I would like to share some knowledge about SQL Injection which can be useful during Penetration Testing activity. Before we went deeper into it, I will try to explain what is SQL Injection for those who are not familiar with it. SQL injection […]
In this post, I would like to share a walkthrough of the Shared Machine from Hack the Box This room will be considered a medium machine on Hack the Box What will you gain from the Shared machine? For the user flag, you will need to abuse the […]
In this post, I would like to share a walkthrough of the Carpediem Machine from Hack the Box This room will be considered an Hard machine on Hack The box What will you gain from the Carpediem machine? For the user flag, you will need to obtain admin […]
In this post, I would like to share a walkthrough of the Retired Machine from Hack the Box This room will be considered a medium machine on Hack The box What will you gain from the Retired machine? For the user flag, you will need to abuse the Local […]
In this post, I would like to share a walkthrough of the Backendtwo Machine from Hack the Box This room will be considered a medium machine on Hack The box What will you gain from the Backendtwo machine? For the user flag, you will need to abuse the API […]
In this post, I would like to share a walkthrough of the Hathor Machine from Hack the Box This room will be considered an Insane machine on Hack The box What will you gain from the Hathor machine? For the user flag, you will need to abuse the Windcorp […]
In this post, I would like to share a walkthrough of the RouterSpace Machine from Hack the Box This room will be considered as an Easy machine on Hack The box What will you gain from the RouterSpace machine? For the user flag, you will need to analyze the android […]
In this post, I would like to share a walkthrough of the Pwnkit from Tryhackme If you want to play this room, you can click over here Introduction to CVE-2021-4043 (pwnkit) Those vulnerabilities have been discovered within all versions of Policy Toolkit or also known as Polkit […]