SSRF stands for Server Side Request Forgery. It is a type of web application vulnerability that allows an attacker to send a crafted request from the vulnerable server to other internal or external systems. It’s a server side attack that leads to sensitive information disclosure from the back-end server of the application. SSRF attacks can result in the disclosure of ...

Web3: A New Era of Decentralized Communication Web3 is not just about decentralizing finance or data storage; it also has the potential to revolutionize communication. With Web3, we can move away from the centralized communication platforms of the past and towards a decentralized, peer-to-peer communication system that gives users more control over their data and privacy. In this article, we’ll ...

What is WifiPineapple The Wifipineapple is a wifi auditing platform by Hack5 that offers extensive features for defensive and offensive wifi security applications through a slick interface that you can access from any web browesers. You can easily manage your wifipineapple and use it connect wireless engagements to gather passive on a target network or even execute man-in-the-middle style attack. ...

HTB-TimeLapse machine is really a great learning box for those who are new to Windows and Active Directory Pentesting I found the initial access (user flag) easier and root flag was a bit tricky for me due to my lack of windows privilege escalation skills overall its a fun machine Enumeration As always starting with an Nmap scan Nmap discovery ...

When we talk about web applications nowadays they are one of the most indispensable parts of many of the business activities of any companies around the globe that we engage in every day. While the web applications have great advantages like availability all around the world through the internet and are easy to deploy without any effort and investment from ...

Session hijacking ( cookie hijacking or cookie side-jacking) is a cyber-attack in which attackers take over a legitimate user’s computer session to obtain their session ID and then act as that user on any number of network services. This type of attack is hazardous to application security because it allows attackers to gain unauthorized access to protected accounts under the ...

Log4Shell is a vulnerability in the Apache Log4j Java-based logging library. Log4j is a fast, flexible and reliable logging framework (APIS) written in Java Programming Language. Log4j 2(Apache Log4j 2.0–2.14.1) versions which is a very common logging library used by applications across the world. The open-source Apache Log4j library has over 400,000 downloads from its Github project, according to cybersecurity ...

Based on the Mr. Robot show, can you root this box? This CTF room can be considered as a very beginner friendly room.This was personally my first CTF room I have solved,so this is a special room for me. Mr.Robot is an American techno thriller television series. The plot is around Elliot Alderson, a cybersecurity engineer and hacker with a ...

What is Web Scraping? Web scraping is an automated method used to extract large amounts of data from websites. the data on the websites are unstructured. web scraping helps to collect these unstructured data and store it in a structured form. there are different ways to scrape websites such as onlineservices, APIs or writing your own code. Data displayed by ...

A Rick and Morty CTF. Help turn Rick back into a human! Link to room is here This is Rick and Morty themed challenge,we are Morty in this challenge. We have to exploit a web server to find 3 ingredients that will help Rick make his potion to transform himself back into a human from a pickle.Let’s use our hacking ...

Exit mobile version