Posts by Tag

• Security 13
• Linux 6
• Web 6
• nmap 5
• Privilege escalation 5
• wfuzz 4
• Nodejs 2
• SSH 2
• Tomcat 2
• Javascript 2
• gobuster 2
• Burp Suite 2
• Reverse Shell 2
• slae 1
• assembly 1
• tcp bind shellcode 1
• buffer overflow 1
• cve 1
• windows 1
• file upload 1
• cloudme sync 1
• python 1
• steg 1
• rot13 1
• CVE 1
• Ollie 1
• Exploit 1
• Deserialization 1
• web 1
• John 1
• Hash 1
• FTP 1
• Metasploit 1
• Windows 1
• CMD 1
• FW 1
• Cat 1
• Cadaver 1
• Hydra 1
• Python 1
• Burpsuite 1
• Burp 1
• Cyberchef 1
• hash 1

Security

CTF collection Vol.2

July 02, 2022  

Sharpening up your CTF skill with the collection. The second volume is about web-based CTF

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Watcherv 1.4

May 27, 2022  

Work your way through the machine and try to find all the flags you can!

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Couch

May 08, 2022  

Hack into a vulnerable database server that collects and stores data in JSON-based document formats, in this semi-guided challenge.

Security Linux Burp Cyberchef hash gobuster Web

Glitch final

May 06, 2022  

Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?

Security Linux wfuzz gobuster Burpsuite Web Nodejs Privilege escalation

Jack-of-All-Trades

May 04, 2022  

Boot-to-root originally designed for Securi-Tay 2020

Security Linux Web Javascript Privilege escalation

VulnNet2 Node

May 02, 2022  

After the previous breach, VulnNet Entertainment states it won’t happen again. Can you prove they’re wrong?

Security Linux Web Javascript Privilege escalation

Library

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Hydra SSH Python nmap wfuzz

Dav

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Cat Cadaver Tomcat nmap wfuzz

Investigating Windows

April 28, 2022  

A windows machine has been hacked, its your job to go investigate this windows machine and find clues to what the hacker might have done.

Security Windows CMD FW

Thompson

April 27, 2022  

read user.txt and root.txt

Security Metasploit Tomcat nmap wfuzz

Anonforce

April 25, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security John Hash FTP SSH

Jason

April 22, 2022  

Jason in JavaScript everything is a terrible mistake.

Security Nodejs Deserialization web

Ollie - TryHackMe

April 19, 2022  

Meet the world’s most powerful hacker dog!

CVE Security Ollie Exploit

Back to Top ↑

Linux

CTF collection Vol.2

July 02, 2022  

Sharpening up your CTF skill with the collection. The second volume is about web-based CTF

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Watcherv 1.4

May 27, 2022  

Work your way through the machine and try to find all the flags you can!

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Couch

May 08, 2022  

Hack into a vulnerable database server that collects and stores data in JSON-based document formats, in this semi-guided challenge.

Security Linux Burp Cyberchef hash gobuster Web

Glitch final

May 06, 2022  

Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?

Security Linux wfuzz gobuster Burpsuite Web Nodejs Privilege escalation

Jack-of-All-Trades

May 04, 2022  

Boot-to-root originally designed for Securi-Tay 2020

Security Linux Web Javascript Privilege escalation

VulnNet2 Node

May 02, 2022  

After the previous breach, VulnNet Entertainment states it won’t happen again. Can you prove they’re wrong?

Security Linux Web Javascript Privilege escalation

Back to Top ↑

Web

CTF collection Vol.2

July 02, 2022  

Sharpening up your CTF skill with the collection. The second volume is about web-based CTF

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Watcherv 1.4

May 27, 2022  

Work your way through the machine and try to find all the flags you can!

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Couch

May 08, 2022  

Hack into a vulnerable database server that collects and stores data in JSON-based document formats, in this semi-guided challenge.

Security Linux Burp Cyberchef hash gobuster Web

Glitch final

May 06, 2022  

Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?

Security Linux wfuzz gobuster Burpsuite Web Nodejs Privilege escalation

Jack-of-All-Trades

May 04, 2022  

Boot-to-root originally designed for Securi-Tay 2020

Security Linux Web Javascript Privilege escalation

VulnNet2 Node

May 02, 2022  

After the previous breach, VulnNet Entertainment states it won’t happen again. Can you prove they’re wrong?

Security Linux Web Javascript Privilege escalation

Back to Top ↑

nmap

CTF collection Vol.2

July 02, 2022  

Sharpening up your CTF skill with the collection. The second volume is about web-based CTF

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Watcherv 1.4

May 27, 2022  

Work your way through the machine and try to find all the flags you can!

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Library

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Hydra SSH Python nmap wfuzz

Dav

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Cat Cadaver Tomcat nmap wfuzz

Thompson

April 27, 2022  

read user.txt and root.txt

Security Metasploit Tomcat nmap wfuzz

Back to Top ↑

Privilege escalation

CTF collection Vol.2

July 02, 2022  

Sharpening up your CTF skill with the collection. The second volume is about web-based CTF

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Watcherv 1.4

May 27, 2022  

Work your way through the machine and try to find all the flags you can!

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Glitch final

May 06, 2022  

Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?

Security Linux wfuzz gobuster Burpsuite Web Nodejs Privilege escalation

Jack-of-All-Trades

May 04, 2022  

Boot-to-root originally designed for Securi-Tay 2020

Security Linux Web Javascript Privilege escalation

VulnNet2 Node

May 02, 2022  

After the previous breach, VulnNet Entertainment states it won’t happen again. Can you prove they’re wrong?

Security Linux Web Javascript Privilege escalation

Back to Top ↑

wfuzz

Glitch final

May 06, 2022  

Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?

Security Linux wfuzz gobuster Burpsuite Web Nodejs Privilege escalation

Library

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Hydra SSH Python nmap wfuzz

Dav

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Cat Cadaver Tomcat nmap wfuzz

Thompson

April 27, 2022  

read user.txt and root.txt

Security Metasploit Tomcat nmap wfuzz

Back to Top ↑

Nodejs

Glitch final

May 06, 2022  

Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?

Security Linux wfuzz gobuster Burpsuite Web Nodejs Privilege escalation

Jason

April 22, 2022  

Jason in JavaScript everything is a terrible mistake.

Security Nodejs Deserialization web

Back to Top ↑

SSH

Library

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Hydra SSH Python nmap wfuzz

Anonforce

April 25, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security John Hash FTP SSH

Back to Top ↑

Tomcat

Dav

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Cat Cadaver Tomcat nmap wfuzz

Thompson

April 27, 2022  

read user.txt and root.txt

Security Metasploit Tomcat nmap wfuzz

Back to Top ↑

Javascript

Jack-of-All-Trades

May 04, 2022  

Boot-to-root originally designed for Securi-Tay 2020

Security Linux Web Javascript Privilege escalation

VulnNet2 Node

May 02, 2022  

After the previous breach, VulnNet Entertainment states it won’t happen again. Can you prove they’re wrong?

Security Linux Web Javascript Privilege escalation

Back to Top ↑

gobuster

Couch

May 08, 2022  

Hack into a vulnerable database server that collects and stores data in JSON-based document formats, in this semi-guided challenge.

Security Linux Burp Cyberchef hash gobuster Web

Glitch final

May 06, 2022  

Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?

Security Linux wfuzz gobuster Burpsuite Web Nodejs Privilege escalation

Back to Top ↑

Burp Suite

CTF collection Vol.2

July 02, 2022  

Sharpening up your CTF skill with the collection. The second volume is about web-based CTF

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Watcherv 1.4

May 27, 2022  

Work your way through the machine and try to find all the flags you can!

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Back to Top ↑

Reverse Shell

CTF collection Vol.2

July 02, 2022  

Sharpening up your CTF skill with the collection. The second volume is about web-based CTF

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Watcherv 1.4

May 27, 2022  

Work your way through the machine and try to find all the flags you can!

Security Linux nmap Burp Suite Web Reverse Shell Privilege escalation

Back to Top ↑

slae

TCP bind shellcode

November 18, 2018  

A bind shellcode listens on a socket, waiting for a connection to be made to the server then executes arbitrary code, typically spawning shell for the connecting user. This post demonstrates a simple TCP bind shellcode that executes a shell.

slae assembly tcp bind shellcode

Back to Top ↑

assembly

TCP bind shellcode

November 18, 2018  

A bind shellcode listens on a socket, waiting for a connection to be made to the server then executes arbitrary code, typically spawning shell for the connecting user. This post demonstrates a simple TCP bind shellcode that executes a shell.

slae assembly tcp bind shellcode

Back to Top ↑

tcp bind shellcode

TCP bind shellcode

November 18, 2018  

A bind shellcode listens on a socket, waiting for a connection to be made to the server then executes arbitrary code, typically spawning shell for the connecting user. This post demonstrates a simple TCP bind shellcode that executes a shell.

slae assembly tcp bind shellcode

Back to Top ↑

buffer overflow

Buff - Hack The Box

November 21, 2020  

Buff is pretty straightforward: Use a public exploit against the Gym Management System, then get RCE. Do some port-forwarding, then use another exploit (buffer overflow against Cloudme Sync) to get Administrator access.

buffer overflow cve windows file upload cloudme sync

Back to Top ↑

cve

Buff - Hack The Box

November 21, 2020  

Buff is pretty straightforward: Use a public exploit against the Gym Management System, then get RCE. Do some port-forwarding, then use another exploit (buffer overflow against Cloudme Sync) to get Administrator access.

buffer overflow cve windows file upload cloudme sync

Back to Top ↑

windows

Buff - Hack The Box

November 21, 2020  

Buff is pretty straightforward: Use a public exploit against the Gym Management System, then get RCE. Do some port-forwarding, then use another exploit (buffer overflow against Cloudme Sync) to get Administrator access.

buffer overflow cve windows file upload cloudme sync

Back to Top ↑

file upload

Buff - Hack The Box

November 21, 2020  

Buff is pretty straightforward: Use a public exploit against the Gym Management System, then get RCE. Do some port-forwarding, then use another exploit (buffer overflow against Cloudme Sync) to get Administrator access.

buffer overflow cve windows file upload cloudme sync

Back to Top ↑

cloudme sync

Buff - Hack The Box

November 21, 2020  

Buff is pretty straightforward: Use a public exploit against the Gym Management System, then get RCE. Do some port-forwarding, then use another exploit (buffer overflow against Cloudme Sync) to get Administrator access.

buffer overflow cve windows file upload cloudme sync

Back to Top ↑

python

Break Out The Cage - TryHackMe

April 18, 2022  

Let’s find out what his agent is up to….

python steg rot13

Back to Top ↑

steg

Break Out The Cage - TryHackMe

April 18, 2022  

Let’s find out what his agent is up to….

python steg rot13

Back to Top ↑

rot13

Break Out The Cage - TryHackMe

April 18, 2022  

Let’s find out what his agent is up to….

python steg rot13

Back to Top ↑

CVE

Ollie - TryHackMe

April 19, 2022  

Meet the world’s most powerful hacker dog!

CVE Security Ollie Exploit

Back to Top ↑

Ollie

Ollie - TryHackMe

April 19, 2022  

Meet the world’s most powerful hacker dog!

CVE Security Ollie Exploit

Back to Top ↑

Exploit

Ollie - TryHackMe

April 19, 2022  

Meet the world’s most powerful hacker dog!

CVE Security Ollie Exploit

Back to Top ↑

Deserialization

Jason

April 22, 2022  

Jason in JavaScript everything is a terrible mistake.

Security Nodejs Deserialization web

Back to Top ↑

web

Jason

April 22, 2022  

Jason in JavaScript everything is a terrible mistake.

Security Nodejs Deserialization web

Back to Top ↑

John

Anonforce

April 25, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security John Hash FTP SSH

Back to Top ↑

Hash

Anonforce

April 25, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security John Hash FTP SSH

Back to Top ↑

FTP

Anonforce

April 25, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security John Hash FTP SSH

Back to Top ↑

Metasploit

Thompson

April 27, 2022  

read user.txt and root.txt

Security Metasploit Tomcat nmap wfuzz

Back to Top ↑

Windows

Investigating Windows

April 28, 2022  

A windows machine has been hacked, its your job to go investigate this windows machine and find clues to what the hacker might have done.

Security Windows CMD FW

Back to Top ↑

CMD

Investigating Windows

April 28, 2022  

A windows machine has been hacked, its your job to go investigate this windows machine and find clues to what the hacker might have done.

Security Windows CMD FW

Back to Top ↑

FW

Investigating Windows

April 28, 2022  

A windows machine has been hacked, its your job to go investigate this windows machine and find clues to what the hacker might have done.

Security Windows CMD FW

Back to Top ↑

Cat

Dav

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Cat Cadaver Tomcat nmap wfuzz

Back to Top ↑

Cadaver

Dav

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Cat Cadaver Tomcat nmap wfuzz

Back to Top ↑

Hydra

Library

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Hydra SSH Python nmap wfuzz

Back to Top ↑

Python

Library

April 29, 2022  

boot2root machine for FIT and bsides guatemala CTF

Security Hydra SSH Python nmap wfuzz

Back to Top ↑

Burpsuite

Glitch final

May 06, 2022  

Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?

Security Linux wfuzz gobuster Burpsuite Web Nodejs Privilege escalation

Back to Top ↑

Burp

Couch

May 08, 2022  

Hack into a vulnerable database server that collects and stores data in JSON-based document formats, in this semi-guided challenge.

Security Linux Burp Cyberchef hash gobuster Web

Back to Top ↑

Cyberchef

Couch

May 08, 2022  

Hack into a vulnerable database server that collects and stores data in JSON-based document formats, in this semi-guided challenge.

Security Linux Burp Cyberchef hash gobuster Web

Back to Top ↑

hash

Couch

May 08, 2022  

Hack into a vulnerable database server that collects and stores data in JSON-based document formats, in this semi-guided challenge.

Security Linux Burp Cyberchef hash gobuster Web

Back to Top ↑