SSRF stands for Server Side Request Forgery. It is a type of web application vulnerability that allows an attacker to send a crafted request from the vulnerable server to other internal or external systems. It’s a server side attack that leads to sensitive information disclosure from the back-end server of the application. SSRF attacks can result in the disclosure of ...

Hello Hackers, In this blog post I am discussing with you about creating WiFi jammer and fake APs (Access Point) with ESP8266 (NodeMCU). Disclaimer: This is only for educational purpose. Don’t try this on someone’s property without authorization. What We Discuss Today What is ESP8266? Setup Environment Flashing : ESP8266 Turn As Weapon Creating WiFi Jammer and Fake AP Getting ...

What is WifiPineapple The Wifipineapple is a wifi auditing platform by Hack5 that offers extensive features for defensive and offensive wifi security applications through a slick interface that you can access from any web browesers. You can easily manage your wifipineapple and use it connect wireless engagements to gather passive on a target network or even execute man-in-the-middle style attack. ...

When we talk about web applications nowadays they are one of the most indispensable parts of many of the business activities of any companies around the globe that we engage in every day. While the web applications have great advantages like availability all around the world through the internet and are easy to deploy without any effort and investment from ...

Based on the Mr. Robot show, can you root this box? This CTF room can be considered as a very beginner friendly room.This was personally my first CTF room I have solved,so this is a special room for me. Mr.Robot is an American techno thriller television series. The plot is around Elliot Alderson, a cybersecurity engineer and hacker with a ...

https://app.hackthebox.eu/machines/359 BountryHunter is web based easy difficulty machine . Table of contents Scanning Nmap Enumaration Gobuster Exploitation Burpsuite and SSH Privilege Escalation ticketValidator.py Scanning ( In this face I want to do the OS Discovery, Open ports, Services on open ports and also the vulnerability scripts checking too.) For scanning purposes I choose Nmap. Nmap is the default in all Debian ...

A Rick and Morty CTF. Help turn Rick back into a human! Link to room is here This is Rick and Morty themed challenge,we are Morty in this challenge. We have to exploit a web server to find 3 ingredients that will help Rick make his potion to transform himself back into a human from a pickle.Let’s use our hacking ...

Can you exfiltrate the root flag? Link to room is here . Our challenge here is to find 2 flags. Let’s start with enumerating the ip Use: nmap -sC -sV -A <machine_ip> We can see that port 22 and port 80 are open. Let’s go and check out what is there in the website since port 80 is open. It’s ...

What is google Dorking ? Google dorking is a method or technique used to find precise search results,but with a little creativity we can find all kinds of data exposed in the internet accidentally. This technique can also be used to get precise information on any topic while googling things. The first thing that a cyber security enthusiat thinks when ...

Tabby is an easy Linux based machine from Hackthebox. The initial foothold to this box is obtained by Tomcat Manager app exploit and an LFI. Gaining user access requires a decent amount of enumeration. Root access obtained by exploiting the LXC. In this blog I have tried to separate each process Enumeration 2. Initial foothold 3. Lateral movement 4. Privilage ...

Exit mobile version