WebGoat Without password Challenge

InfoSec Write-ups - Medium: Second WebGoat challenge, we have to log in as Larry, let’s see what’s in here. The “Forgot Password” link is fake and not much in HTML source. Burp shows that, apart from the request to /WebGoat/Challenge5.lesson.lesson and its HTML, there is not much else when requesting the page. There is a /WebGoat/lesson_css/challenge6.css file loaded …

TryHackMe: Break Out The Cage 1 Write-up

InfoSec Write-ups - Medium: Easy level CTF Challenge. No need to wait; connect to your OpenVPN network and join the room. Task 1: Investigate! After deploying the machine, you will get your machine IP in one min. Let us start by scanning the machine through Nmap: nmap -sV -sC -A <machine_ip> 2. Let’s search for hidden extensions in HTTP through Gobuster Tool. gobuster …

LAN Captive portal — beginners Guide

InfoSec Write-ups - Medium: Captive Portals are a common security procedure, used consistently on your Wi-Fi network for guests or even when outsourced employees work within your internal LAN, connecting through Ethernet wall sockets. One way to do so is to enforce it by creating a VLAN (virtual LAN) on your subnet …

Understanding & Exploiting: Cross-Site Request Forgery — CSRF vulnerabilities

InfoSec Write-ups - Medium: Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unintended actions on a web application in which they are currently authenticated. With a little social engineering, an attacker may force the users of a web application to execute actions of …

How to start Bug Bounty?

InfoSec Write-ups - Medium: Simple methodology to follow when starting a bug bounty. Project Tracking: Keep track of site-hierarchy, tools output, interesting notes, etc. We can use mind-maps to visualize the large scope of bug bounty hunting targets, and they allow breaking up the methodology for in-depth bug hunting as well. Mission-wide recon is the art of discovering as many assets …

Bypass AMSI in PowerShell — A Nice Case Study

InfoSec Write-ups - Medium: In one of the RedTeam projects, I was looking to use BloodHoundAD Script. BloodHound is a single page JavaScript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a C# data collector. BloodHound uses graph theory to reveal the …