What is Phar Deserialization to Remote Code Execution? A Phar file, also known as a PHP Archive, normally contains metadata that is written in a serialized format. As a result, the bad guys can abuse deserialization vulnerabilities present in the PHP code. For […]
What is API Penetration Testing? For those who are not familiar with API Penetration Testing, it's a test activity that involves all the processes of vulnerability assessment and ensures that the client is implementing very solid endpoints for their API environment. Why does the company need […]
In this post, I would like to share some information on the Insecure Direct Object Reference (IDOR) vulnerability. What is IDOR Vulnerability? For those who are not familiar with IDOR vulnerability, it's a type of access control vulnerability that occurs when the application is […]
In this post, I would like to share some knowledge about SQL Injection which can be useful during Penetration Testing activity. Before we go deeper into it, I will try to explain what SQL Injection is for those who are not familiar with it. SQL injection […]
What is JuicyPotato Vulnerability? Experienced pentesters who have had a good time testing Windows Escalation methods have surely heard about JuicyPotato at least once. Therefore, people out there who are not familiar with Windows Escalation at all should not fret and […]
In this post, I would like to share a walkthrough of the Vessel Machine from Hack the Box. This room is considered a medium machine on Hack the Box. What will you gain from the Vessel machine? For the user flag, you will need to download a […]
In this post, I would like to share a walkthrough of the Health Machine from Hack the Box. This room is considered a medium machine on Hack the Box. What will you gain from the Health machine? For the user flag, you will need to abuse the […]
In this post, I would like to share a walkthrough of the Outdated Machine from Hack the Box. This room is considered a medium machine on Hack the Box. What will you gain from the Outdated machine? For the user flag, you will need to exploit the […]
In this post, I would like to share a walkthrough of the Moderators Machine from Hack the Box. This room is considered a Hard machine on Hack the Box. What will you gain from the Moderators machine? For the user flag, you will need to enumerate the […]