capture the flag, cybersecurity education, hacking, owasp, web application security

PwnItFridays hackthebox_eu Starting Point Series: Tactics

Another day, another challenge.

I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.

Without further ado, the machine I’m solving today is Tactics.

Topics explored in this machine are network protocols, SMB, reconnaissance, and misconfigurations.

Click the video to learn how to solve this machine!

Like the content — support by Buying a Coffee

capture the flag, cybersecurity education, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Pennyworth

Another day, another challenge.

I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.

Without further ado, the machine I’m solving today is Pennyworth.

Topics explored in this machine are web servers, Jenkins, Java, reconnaissance, remote code execution, and default credentials.

Click the video to learn how to solve this machine!

Like the content — support by Buying a Coffee

capture the flag, cybersecurity education, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Ignition

Another day, another challenge.

I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.

Without further ado, the machine I’m solving today is Ignition.

Topics explored in this machine are web servers, common applications, Magento, reconnaissance, and weak credentials.

Click the video to learn how to solve this machine!

Like the content — support by Buying a Coffee

capture the flag, cybersecurity education, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Preignition

Another day, another challenge.

I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.

Without further ado, the machine I’m solving today is Preignition.

Topics explored in this machine are connecting to a web server, custom applications, reconnaissance, web site structure directories, and default credentials.

Click the video to learn how to solve this machine!

Like the content — support by Buying a Coffee

capture the flag, cybersecurity education, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Explosion

Another day, another challenge.

I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.

Without further ado, the machine I’m solving today is Explosion.

Topics explored in this machine are networking, programming, remote desktop protocol (RDP), reconnaissance, and weak credentials.

Click the video to learn how to solve this machine!

Like the content — support by Buying a Coffee

capture the flag, cybersecurity education, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Synced

Another day, another challenge.

I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.

Without further ado, the machine I’m solving today is Synced.

Topics explored in this machine are connecting to a Rsync server, networking protocols, reconnaissance, and anonymous/guest access.

Click the video to learn how to solve this machine!

Like the content — support by Buying a Coffee

capture the flag, cybersecurity education, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Starting Point Series: Mongod

Another day, another challenge.

I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.

Without further ado, the machine I’m solving today is Mongod.

Topics explored in this machine are connecting to a web servers, databases, reconnaissance, misconfigurations, and anonymous/guest access.

Click the video to learn how to solve this machine!

Like the content — support by Buying a Coffee

capture the flag, cybersecurity education, hacking, owasp, web application security

#PwnItFridays @hackthebox_eu Staring Point Series: Redeemer Machine

Another day, another challenge.

I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.

Without further ado, the machine I’m solving today is Redeemer.

Topics explored in this machine are connecting to a Redis server, vulnerability assessments, database, reconnaissance, and anonymous/guest access.

Click the video to learn how to solve this machine!

Like the content — support by Buying a Coffee

capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 24 – The Year Of The Bandit Yeti #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.

In our twenty-fourth challenge, we’re wrapping up the final details for Santa to safely deliver presents to the children.

The topics explored in this challenge are a survey of the Advent of Cyber event. Other rooms to explore to continue learning about cybersecurity, and finally, the last day to be eligible to receive prizes is December 28th.

Did the elves save Christmas? Find out below!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 21 – Have Yourself A Merry Little Webcam #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.

In our twenty first challenge, we’re tasked with determining if the web camera on our device has any vulnerabilities. The elves are confident there are no vulnerabilities, but we’ll check to see if there are any off-the-shelf exploits are available to exploit the device.

The topics explored in this challenge are learning what are IoT (Internet of Things), and their (potential security vulnerabilities). The different protocols surrounding IoT. Finally, understanding the publish/subscribe model that is used for IoT.

Can we help Santa find the weaknesses on the web server before the bad guys? Find out below!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007