InfoSec Write-ups - Medium-- I am excited to share with you all (readers) how challenging and yet how amusing the CTF was. At a certain point I was wondering what I was doing wrong, but as they say, ‘No detail is too small.’ So here is my detailed CTF walkthrough of CloudSEK’s CTF EWYL Program. CTF Difficulty … Continue reading CloudSEK CTF Walkthrough (EWYL)
Tag: InfoSec Write-ups – Medium
Exploiting CVE-2020-25213: wp-file-manager wordpress plugin (<6.9)
Exploiting CVE-2020-25213: wp-file-manager wordpress plugin (<6.9) for unauthenticated arbitrary file upload. Hello everyone!! Mansoor (@time4ster) is here. This is my first contribution to the Infosec community & I hope you would like this write-up. For exploit code you can directly visit my GitHub repo. Disclaimer: I haven’t discovered this vulnerability, nor am I taking any credit for this CVE. I …
Some may call it a DOS attack, i just tried to find how my streamer behaves under stress
One of the key principles of the CIA triad model (a theoretical model that describes 3 key components that must be kept to keep your system secure) is Availability, that is, keeping your systems up. The other 2 principles are confidentiality (the need to encrypt our data) and …
TryHackMe- Easy Peasy CTF Writeup (Detailed)
Welcome folks! We are going to do Easy Peasy CTF on TryHackMe. I hope this box is what it is named as well, ‘Easy Peasy’ 😃. We will know…
Recipe for a successful phishing campaign (part 2/2)
Link to part 1. Recap: In part 1 we saw general considerations you should keep in mind in order to start setting up your infrastructure, as well as technical steps to set up your domain with SPF and DKIM records. In this part we’ll get to a score of 10/10 and I’ll show you …
THM- OWASP Juice Shop- Part 1
Hello All, Today I am trying one of the newest boxes in THM, i.e., OWASP Juice Shop. OWASP Juice Shop: As you all know, the OWASP Juice Shop is an offline web application to learn and understand how many different attacks work. Let's solve some of them in TryHackMe. In the 1st Challenge which is reconnaissance. Here …
Blind UNION-based SQLi with Python
See how Python can beat Burp Suite in brute-forcing speed and boost your hacking efficiency.
TryHackMe- Bolt CTF Writeup (Detailed)
Welcome folks!! We are going to do Bolt CTF on TryHackMe.
Hacking HTTP CORS from inside out
Hacking HTTP CORS from inside out: a theory to practice approach. Foreword: Hi, there. Hope all of you are fine. Today, we are going to dissect some web application security controls. So, if you ever wondered about the HTTP CORS (Cross-Origin Resource Sharing) inner workings, or never heard about it before, but feel it like …
Exploit Development 101 — Buffer Overflow Free Float FTP
Introduction to exploit development on Windows_x86_32










