HacktheBoxWalkthroughsBurp Setup CASo, Recently had to reinstall kali. I had to setup burp again to work with TLS certs. To properly intercept https traffic.Oct 13, 2019Oct 13, 2019
HacktheBoxWalkthroughsUbuntu 18.04 Vmware Workstation 14.17Recently i moved from elementary to Ubuntu. migrating over to Ubuntu was a bit of a challenge, because i couldn’t Vmware to work. Vmware…Oct 10, 2019Oct 10, 2019
HacktheBoxWalkthroughsUSER INPUT OF DOOMTalk about Bypass passing WAFS, and other mechanism I will be using “Web Application hackers handbook” as my guide. We’ll break this into…Sep 26, 2019Sep 26, 2019
HacktheBoxWalkthroughsVaultNmap showed some ephemeral ports, ssh, HTTP. Gobuster didn’t initially show anything. Tried wfuzz to check for possible subdomains nothing…Apr 6, 2019Apr 6, 2019
HacktheBoxWalkthroughscrappy guide to setting up github static page using powershelthis guide assume’s hugo is already setup. there are three steps to deployment. first creating repo, setup site generator, and lastly…Dec 22, 2018Dec 22, 2018
HacktheBoxWalkthroughsOS Command InjectionNo, probably not what your thinking. I’m talking about web app pen-testing. A lot of programming languages are vulnerable, to command…Dec 18, 2018Dec 18, 2018
HacktheBoxWalkthroughsWALDOInstead of giving binaries system-wide permissions, give them the permissions they need to do the job.Dec 16, 2018Dec 16, 2018
HacktheBoxWalkthroughsPHP Type JugglingPHP has two comparisons loose (==, =!) and strict (===). Strict comparison 1 = 1, but in loose 1 could mean many things 1 could equal true…Dec 8, 2018Dec 8, 2018
HacktheBoxWalkthroughsStenographyHiding messages in plain sight it could be a mp3, jpg whatever. Trying to build up some points on hackthebox and thought I would try out…Dec 8, 2018Dec 8, 2018
HacktheBoxWalkthroughsFTPfile transfer protocol is a terrible service and you should never run it without some kind of protection in front of it. Ive bumped into…Nov 25, 2018Nov 25, 2018