-
Techniques for Dumping SAM on Windows
If you’ve ever wanted to understand how credentials are stored and protected in Windows, you’ve probably heard of the SAM (Security Account Manager). It’s essentially the file where Windows keeps user passwords, and while it’s protected, there are ways to access it—especially for security audits and ethical testing. In this… Continue ⇢
-
Revisiting EternalBlue & Breakdown of Exploit-DB 42031
EternalBlue, one of the most notorious exploits in cybersecurity history, took advantage of a vulnerability in Microsoft’s SMB protocol (MS17-010). It first gained global attention during the 2017 WannaCry ransomware attack, where it enabled rapid, uncontrolled spread across unpatched systems. This exploit, originally developed by the NSA and leaked by… Continue ⇢
-
Top ATS-Optimized Keywords for Cybersecurity Jobs
The cybersecurity job market is more competitive than ever, with top positions attracting hundreds of qualified candidates. While your experience and skills matter immensely, there’s a crucial first step that many security professionals overlook: getting your résumé past the Applicant Tracking System (ATS). In this guide, we’ll walk you through… Continue ⇢
-
Proving Grounds Practice: Shifty Walkthrough
Today, we will take a look at Shifty, a Try Harder Linux box on Proving Grounds Practice. This box exploits a deserialization vulnerability in a Memcached application. Privilege escalation is achieved by exploiting a hardcoded encryption key in a backup program, which allows us to decrypt sensitive files. Enumeration Nmap… Continue ⇢
-
Proving Grounds Practice: BadCorp Walkthrough
Today, we are going to walk through BadCorp, a Try Harder Linux machine from Proving Grounds Practice. This box requires brute-forcing FTP credentials and leveraging an exposed private SSH key to gain a foothold. Then, we’ll perform privilege escalation by reverse engineering a custom SUID binary to gain root access.… Continue ⇢
-
Proving Grounds Practice: BlackGate Walkthrough
Today, we will take a look at BlackGate, a Try Harder Linux machine on Proving Grounds Practice. This box requires us to get an initial foothold via a vulnerable Redis service, then perform privilege escalation by utilizing a return-oriented programming (ROP) attack on a custom binary that’s… Continue ⇢
-
Google Dork of the Week: site:api.*.* inurl:v1 | inurl:v2 | inurl:v3 | inurl:v4
Manual reconnaissance is often the key to uncovering vulnerabilities that automated scanners miss. Today, we’ll explore a Google dork that can be leveraged to identify publicly exposed and potentially vulnerable API endpoints: site:api.*.* inurl:v1 | inurl:v2 | inurl:v3 | inurl:v4 Breaking Down the Google Dork Why This… Continue ⇢
-
Proving Grounds Practice: MegaVolt Walkthrough
Let’s walk through MegaVolt, a Try Harder Linux box on Proving Grounds Practice. Enumeration Nmap Scan We begin with a basic Nmap scan to identify open ports and services: richie@kali:~$ sudo nmap 192.168.120.110 Starting Nmap 7.80 ( https://nmap.org ) at 2024-10-07 00:07 EDT Nmap scan report for 192.168.120.110 Host is up (0.33s… Continue ⇢
-
Proving Grounds Practice: Glider Walkthrough
Let’s walk through Glider, a Hard Linux machine in Proving Grounds Practice. Glider requires you to exploit a vulnerable web application by leveraging an XML External Entity (XXE) attack, performing source code analysis, and executing a Man-in-the-Middle (MitM) attack against an MQTT server to achieve root access. Initial Enumeration We… Continue ⇢