Log4Shell is a vulnerability in the Apache Log4j Java-based logging library. Log4j is a fast, flexible and reliable logging framework (APIS) written in Java Programming Language. Log4j 2(Apache Log4j 2.0–2.14.1) versions which is a very common logging library used by applications across the world. The open-source Apache Log4j library has over 400,000 downloads from its Github project, according to cybersecurity ...

what is a pwnagotchi ? A pwnagotchi is a Tamagotchi like digital toy,but it feeds on Wi-Fi handshakes.The pwnagotchi is made with the help of a raspberry pi zero. It sniff around for the Wi-Fi signals around it and deauthenticate the client from the access point and captures the handshakes while they try to reconnect. This handshakes will be saved ...

Based on the Mr. Robot show, can you root this box? This CTF room can be considered as a very beginner friendly room.This was personally my first CTF room I have solved,so this is a special room for me. Mr.Robot is an American techno thriller television series. The plot is around Elliot Alderson, a cybersecurity engineer and hacker with a ...

https://app.hackthebox.eu/machines/359 BountryHunter is web based easy difficulty machine . Table of contents Scanning Nmap Enumaration Gobuster Exploitation Burpsuite and SSH Privilege Escalation ticketValidator.py Scanning ( In this face I want to do the OS Discovery, Open ports, Services on open ports and also the vulnerability scripts checking too.) For scanning purposes I choose Nmap. Nmap is the default in all Debian ...

Table of contents Introduction What is TCP protocol? Advantages of TCP protocol Disadvantages of TCP protocol Attacks on the TCP What is UDP protocol? Advantages of UDP protocol Disadvantages of UDP protocol Attacks on the UDP TCP vs UDP 1. Introduction A communication protocol is a set of rules and regulations which are performed to transfer data to the source ...

What is Web Scraping? Web scraping is an automated method used to extract large amounts of data from websites. the data on the websites are unstructured. web scraping helps to collect these unstructured data and store it in a structured form. there are different ways to scrape websites such as onlineservices, APIs or writing your own code. Data displayed by ...

A Rick and Morty CTF. Help turn Rick back into a human! Link to room is here This is Rick and Morty themed challenge,we are Morty in this challenge. We have to exploit a web server to find 3 ingredients that will help Rick make his potion to transform himself back into a human from a pickle.Let’s use our hacking ...

Can you exfiltrate the root flag? Link to room is here . Our challenge here is to find 2 flags. Let’s start with enumerating the ip Use: nmap -sC -sV -A <machine_ip> We can see that port 22 and port 80 are open. Let’s go and check out what is there in the website since port 80 is open. It’s ...

What is google Dorking ? Google dorking is a method or technique used to find precise search results,but with a little creativity we can find all kinds of data exposed in the internet accidentally. This technique can also be used to get precise information on any topic while googling things. The first thing that a cyber security enthusiat thinks when ...

Tabby is an easy Linux based machine from Hackthebox. The initial foothold to this box is obtained by Tomcat Manager app exploit and an LFI. Gaining user access requires a decent amount of enumeration. Root access obtained by exploiting the LXC. In this blog I have tried to separate each process Enumeration 2. Initial foothold 3. Lateral movement 4. Privilage ...