SSRF stands for Server Side Request Forgery. It is a type of web application vulnerability that allows an attacker to send a crafted request from the vulnerable server to other internal or external systems. It’s a server side attack that leads to sensitive information disclosure from the back-end server of the application. SSRF attacks can result in the disclosure of ...

What is WifiPineapple The Wifipineapple is a wifi auditing platform by Hack5 that offers extensive features for defensive and offensive wifi security applications through a slick interface that you can access from any web browesers. You can easily manage your wifipineapple and use it connect wireless engagements to gather passive on a target network or even execute man-in-the-middle style attack. ...

Hello hackers Windows is used by this computer. Because I have little familiarity with Windows boxes and spend the majority of my practise time on the Linux command line, I found this machine to be challenging (but worthwhile). But this box is ideal if you want to learn something interesting about Windows. Let’s get started #Recon: We first start with ...

When we talk about web applications nowadays they are one of the most indispensable parts of many of the business activities of any companies around the globe that we engage in every day. While the web applications have great advantages like availability all around the world through the internet and are easy to deploy without any effort and investment from ...

Session hijacking ( cookie hijacking or cookie side-jacking) is a cyber-attack in which attackers take over a legitimate user’s computer session to obtain their session ID and then act as that user on any number of network services. This type of attack is hazardous to application security because it allows attackers to gain unauthorized access to protected accounts under the ...

Log4Shell is a vulnerability in the Apache Log4j Java-based logging library. Log4j is a fast, flexible and reliable logging framework (APIS) written in Java Programming Language. Log4j 2(Apache Log4j 2.0–2.14.1) versions which is a very common logging library used by applications across the world. The open-source Apache Log4j library has over 400,000 downloads from its Github project, according to cybersecurity ...

what is a pwnagotchi ? A pwnagotchi is a Tamagotchi like digital toy,but it feeds on Wi-Fi handshakes.The pwnagotchi is made with the help of a raspberry pi zero. It sniff around for the Wi-Fi signals around it and deauthenticate the client from the access point and captures the handshakes while they try to reconnect. This handshakes will be saved ...

Based on the Mr. Robot show, can you root this box? This CTF room can be considered as a very beginner friendly room.This was personally my first CTF room I have solved,so this is a special room for me. Mr.Robot is an American techno thriller television series. The plot is around Elliot Alderson, a cybersecurity engineer and hacker with a ...

A Rick and Morty CTF. Help turn Rick back into a human! Link to room is here This is Rick and Morty themed challenge,we are Morty in this challenge. We have to exploit a web server to find 3 ingredients that will help Rick make his potion to transform himself back into a human from a pickle.Let’s use our hacking ...

Can you exfiltrate the root flag? Link to room is here . Our challenge here is to find 2 flags. Let’s start with enumerating the ip Use: nmap -sC -sV -A <machine_ip> We can see that port 22 and port 80 are open. Let’s go and check out what is there in the website since port 80 is open. It’s ...

Exit mobile version