InfoSec Write-ups - Medium-- My Journey On Achieving The OSCP CertificationBastionIntroductionWelcome to my second article here on Medium. Today we will be looking at Bastion from HackTheBox. This is a rather realistic box in my opinion and it made a lot of fun. This article will be similiar to my first article, because I will … Continue reading How To Hack: Bastion From HackTheBox

InfoSec Write-ups - Medium-- In this article, I will be demonstrating my approach to completing the Internal Capture The Flag (CTF), a free Penetration Testing Challenge room available on the TryHackMe platform created by TheMayor. I have provided a link to the TryHackMe platform in the references below for anyone interested in trying out this CTF.DisclaimerI … Continue reading TryHackMe: Internal Writeup

InfoSec Write-ups - Medium-- You may have heard the expression: hiding in plain sight. And specifically in IT security there is another expression: security through…Continue reading on InfoSec Write-ups » View original article on InfoSec Write-ups - Medium

InfoSec Write-ups - Medium-- Google ImagesI am not an XSS guy but just started with blind XSS as I was seeing that many hunters are getting easy bounty from it now also. So I just started searching the web for materials and tools to get started with. So I will share my notes, some of … Continue reading All about Blind XSS for beginners

InfoSec Write-ups - Medium-- When putting together a SIEM, one of the first things that you need to decide on is the distributed architecture you’re going to choose. This means analyzing the resources available, as well as the needs of your SOC.Are you monitoring 100, 1000, or 10000 hosts?Do you have budget for commercial tools?How heterogeneous is … Continue reading Building a SIEM: combining ELK, Wazuh HIDS and Elastalert for optimal performance

Learn to exploit a vulnerable CMS(Content Management System) using Remote Code ExecutionContinue reading on InfoSec Write-ups » View original article on InfoSec Write-ups - Medium

[ExpDev] Vulnserver — Part 7Vulnserver — Part 7 (LTER — SEH Overwrite + Restricted Character Set)This will be the 7th vulnserver exploit series. We will be fuzzing and exploiting the vulnerable command LTER this time. We will identify a crash point with an SEH overwrite and circumvent the restricted character sets to introduce our encoded shellcode to gain shell access.Lab EnvironmentOS: Windows 7 (x86)Debugger: … Continue reading [ExpDev] Vulnserver — Part 7

TryHackMe: Overpass 2 — Hacked WalkthroughIn this article, I will be providing a walkthrough for the Overpass 2 — Hacked room, a free room available on the TryHackMe platform created by NinjaJc01. I have provided a link to the TryHackMe platform in the references below for anyone interested in trying out this free room.DisclaimerThis is a walkthrough room and not … Continue reading TryHackMe: Overpass 2 — Hacked Walkthrough

Yeah that’s a story to tell you know.. when you lose yet you win… story of life :PSO let’s get started.. to make it more interesting and to save you time based on your preference to read, I am segregating this blog into three sections, where one talks about the reasons I had not to take … Continue reading How I failed in GCB exam yet won a Brand new expensive Sony TV.

Hiding and extracting data from any file! Continue reading on InfoSec Write-ups »