[TRYHACKME] – Precision Walkthrough
🧠 TryHackMe · Precision · Hard — PWN Two Writes, One Shell — Hijacking libc's GOT on a Fully Hardened...
Tutorials
[TRYHACKME] Heartbleed – CTF Writeup
🧠 TryHackMe · Heartbleed · Easy Peeking Behind the TLS Curtain with Heartbleed How a ten-year-old OpenSSL bug turned a...
[HackTheBox] – Snapped Walkthrough
🧠 HackTheBox · Snapped · Medium The Backup That Handed Over Its Own Key Nginx UI unauthenticated backup disclosure →...
[TRY HACK ME] – Operation Endgame Walkthrough
Operation Endgame - TryHackMe Writeup Operation Endgame - TryHackMe Writeup How an anonymous LDAP misconfiguration led to full domain compromise...
[TRYHACKME] – Walkthrough – Message to Garcia
Message to Garcia Message to Garcia Offensive Security Assessment Target 10.81.140.245 Engagement Type CTF Walkthrough Operator Security Researcher Table of...
[HACKTHEBOX] – AirTouch Walkthrough
Attack Narrative We started with normal TCP recon and got low signal. Because the host still responded but TCP offered...
[HACKTHEBOX] – Cap attack narrative with commands and evidence
This chain aligns with the retired HTB machine Cap, centred on an IDOR that exposes PCAP downloads, followed by Linux...
[TryHackMe]: Billing – Walkthrough
Target: billingthmWorkspace: /home/kali/tryhackme/machines/billingEvidence: ./evidenceState: ./status.txt, flags in ./flags.txt 1. Introduction This walkthrough covers the TryHackMe Billing machine. We exploit a...
[TRYHACKME] – Pyrat Walkthrough
Executive Summary We exploited a Python eval service on port 8000 to gain arbitrary code execution, initially as www-data, then...
[TRYHACKME] – Void Execution Challenge
A friendly walkthrough of a slick binary-exploitation challenge: custom shellcode without syscall, ASLR bypass via GOT, and why stack alignment...
TryHackMe Walkthrough: Whats Your Name?
WorldWAP CTF Walkthrough This walkthrough covers the complete exploitation of the WorldWAP machine, detailing each step from reconnaissance to privilege...
TryHackMe Walkthrough : Dodge
Introduction This write-up documents the exploitation lifecycle of the Dodge CTF machine, a complex challenge that emphasised the importance of...
Simplify NordVPN + pfSense WireGuard Configuration with downloadable script + guide.
Introduction Configuring NordVPN's WireGuard (NordLynx) connections with pfSense can be a complex and time-consuming task. To simplify this process, we've...
Try Hack Me: Walkthrough Report – EXPOSED
Walkthrough Report Step 1: Initial Reconnaissance with Nmap Command Executed: nmap -T 5 -p- 10.10.24.135 Findings: The Nmap scan revealed...
Try Hack Me: Injectics Write Up
Difficulty: Medium Time Estimate: 60 mins Introduction The Injectics challenge on TryHackMe involves exploiting a series of vulnerabilities in a...
Using ChatGPT 4o to control Home Assistant
The recent demonstration of OpenAI's GPT-4o model and its impressive voice interaction capabilities highlights how advanced natural language processing can...
Using GitHub Actions to manage CI/CD for Empire
We’ve been using GitHub actions for Empire and Starkiller for quite some time now. It’s been a significant productivity boost...
Why Most Red Teams are Really Pentesters
Something that we have seen increasingly often on Twitter recently is people ostensibly posting about “Red Teams” and how if...
Empire
Today we wanted to cover one of the lesser-known functions in Empire, the ReverseShell stager. The name may not be...
Creating an approval button and workflow in N8N via Telegram
Approval Workflow Example for N8N Have you ever had a workflow automation that needed a human decision to progress a...
How to use Home Assistant / NodeRed to set up Holiday Lights to fake your presence.
So you have a smart home, you have all the lights set up and running as you like but you...
Maldocs Are Evolving
Unless you have been living under an infosec rock the past couple of weeks, you probably heard about the Follina...
Empire 4.5
It has been another exciting week for the team. First we are just a week away for our inaugural course...
Empire 4.4
It has been a while since we have been able to discuss the new features in Empire. We wanted to...
