More results...
In this article, we are going to crack the DC: 9 Boot to Root Challenge and present a detailed walkthrough. The machine depicted in this Walkthrough is hosted on Vulnhub. Credit for making this machine goes to DCAU. Download this lab by clicking here. Penetration Testing Methodology Network Scanning Netdiscover Scan Nmap Scan Enumeration Browsing HTTP Service Exploitation Connection via SSH Post Exploitation Enumeration for Sudo Permissions Reading Root Flag…
In this article, we will learn about this amazing forensic tool called Magnet Internet Evidence finder (Magnet IEF) which is used to recover or extract evidence from the various data source of the system and then integrate them into a single case file for analysis and reporting. Table of Content Introduction Features of Magnet IEF From Drives From Files & Folders From Images From Volume Shadow Copies Introduction Magnet Internet…
In this article, we are going to describe the utility of the BITSAdmin tool and how vital it is in Windows Penetration Testing. TL; DR BITSAdmin is a tool preinstalled on Windows OS that can be used to download malicious files. It is one of the Living Off Land (LOL) Binaries. Disclaimer The main objective of publishing the series of “Windows for Pentester” is to introduce the circumstances and any…
In this article, we will learn how to capture the forensic image of the victim’s hard drives and systems to get help in the investigation. There are multiple ways to do that work and these tools will help us a lot in the process of an investigation so let’s start this process. Table of Content Introduction What is a Forensic image? FTK Imager Belkasoft Acquisition Tool Encase Imager Forensic Imager…
Hello! Everyone and Welcome to yet another CTF challenge from Hack the Box, called ‘Heist,’ which is available online for those who want to increase their skills in penetration testing and Black box testing. Heist is a retired vulnerable lab presented by Hack the Box for making online penetration testing practice suitable to your experience level; they have a large collection of vulnerable labs as challenges ranging from beginner to…
In this article we will be going to learn the how to capture the RAM memory for analysis, there are various ways to do it and let take some time and learn all those different circumstances call for a different measure. What is RAM? RAM is short for Random Access Memory. It is referred to as the main memory of a computer which makes it quite important for a computer…
Sunset: dusk is another CTF challenge given by vulnhub and the level difficulty is set according to beginners and credit goes to whitecr0wz. You have to hunt two flags, and this is a boot to root challenge. Download it from here. Penetration Testing Methodologies Network scanning Nmap netdiscover Enumeration Weak credentials PHP file injection Exploiting RCE Privilege Escalation Sudo rights Docker Walkthrough Network Scanning First of all, we try to…
Me and My Girlfriends is another CTF challenge given by vulnhub and the level difficultly is set according to beginners. You have to hunt two flags, and this is a boot to root challenge. According to author: This VM tells us that there are a couple of lovers namely Alice and Bob, where the couple was originally very romantic, but since Alice worked at a private company, “Ceban Corp”, something…
In this article, we are going to crack the Sunset: sunrise Boot to Root Challenge and present a detailed walkthrough. The machine depicted in this Walkthrough is hosted on Vulnhub. Credit for making this machine goes to whitecr0wz. Download this lab by clicking here. Penetration Testing Methodology Network Scanning Netdiscover Scan Nmap Scan Enumeration Browsing HTTP Service Directory Bruteforce using dirb Enumeration using Searchsploit Exploitation Exploiting the Directory Traversal Reading…
In this article, we are going to crack the UA: Literally Vulnerable CTF Challenge and present a detailed walkthrough. The machine depicted in this Walkthrough is hosted on Vulnhub. Credit for making this machine goes to Syed Umar Arfeen. Download this lab by clicking here. Penetration Testing Methodology Network Scanning Netdiscover Scan Nmap Scan Enumeration Anonymous FTP Login Directory Bruteforce using dirb WordPress Enumeration using WPScan Exploitation Exploiting WordPress using…