Notes

Protected: OSCP Prep

Byaghanim April 8, 2022

Notes

OSEP Checklist
Byaghanim November 9, 2023December 15, 2023

OSEP/osep_checklistv2.md at main · In3x0rabl3/OSEP · GitHub Web Application: MSSQL: Privilege Escalation: Windows Linux Lateral Movement:

Read More OSEP Checklist
Notes

THM – Upload Vulnerabilities – Part 13
Byaghanim September 26, 2021March 24, 2022

This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsIntroductionMethodology – EnumerationOverwriting Existing FilesRemote Code ExecutionFilteringClient-side filteringServer-side filteringExtension ValidationFile Type FilteringFile Length FilteringFile Name FilteringFile Content FilteringBypassing Client-side FilteringBypassing Server-Side…

Read More THM – Upload Vulnerabilities – Part 13
Notes

THM – SQL Injection – Part 12
Byaghanim January 1, 2022January 25, 2022

This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is a database?What are tables?Columns:ROWS:What is SQL?What is SQL Injection?What does it look like?Article 2 is locked as privateIn-Band SQLiIn-Band SQL InjectionError-Based SQL InjectionUnion-Based SQL InjectionPractical1 UNION…

Read More THM – SQL Injection – Part 12
Notes

THM – Windows Exploitation Basics – Part 17
Byaghanim September 29, 2021January 25, 2022

This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsWindows file system and permissions explainedUnderstanding the authentication process Windows file system and permissions explained What is the file system? It…

Read More THM – Windows Exploitation Basics – Part 17
Notes

Pivoting and port forwarding guide
Byaghanim August 25, 2022June 1, 2023

This is notes taken from the THM room ‘Wreath’, which is a great room for learning Active Directory and pivoting. https://www.tryhackme.com/room/wreath And from other sources. Table Of ContentsSummaryWhat is pivoting?High level overviewEnumerationProxychains & FoxyProxyProxychainsFoxyProxySSH Tunnelig / Port ForwardingForward ConnectionsNMAP with SSH proxyReverse ConnectionsSSH Remote Port Forwarding (From PDF)SSH Local Port ForwardingPlink.exeSocatReverse Shell RelayPort Forwarding —…

Read More Pivoting and port forwarding guide
Notes

THM – OWASP Top 10 – Part 12
Byaghanim May 22, 2021January 25, 2022

Table Of ContentsIntro [Severity 1] Injection[Severity 1] OS Command Injection[Severity 1] Command Injection Practical [Severity 2] Broken Authentication[Severity 2] Broken Authentication Practical [Severity 3] Sensitive Data exposure (Introduction) [Severity 3] Sensitive Data exposure (Supporting material 1) [Severity 3] Sensitive Data exposure (Supporting material 2) [Severity 3] Sensitive Data exposure (Challenge)[Severity 4] XML External Entity [Severity 4] XML External Entity – eXtensible Markup Language [Severity 4]…

Read More THM – OWASP Top 10 – Part 12

Similar Posts