capture the flag, hacking, owasp

@RealTryHackMe #AdventOfCyber Series: Challenge 2 – Elf HR Problems #websecurity #infosec

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our second challenge, we’re presented with a scenario where there are HR problems due to the Grinch and his nefarious activities! In this challenge we learn about HTTP(S) – HyperText Transport Protocol (Secure) which uses a client-server model by sending requests and responses. The challenge also delves into cookies which can be used to store information about a user. We can use cookies to do authentication bypass which means we can log in as another user without their password.

Can we use the topics above to repair the HR system and continue to save Christmas?

Well… click the below video to find out!

If you enjoy my content, buy me a coffee. Link –>