Similar Posts

THM – Windows Privilege Escalation – Part 16
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionInformation GatheringPermissionsUser enumerationCollection System InformationSearching filesCommand breakdown:Path LevelNetwork ConnectionsScheduled TasksDriversAntivirusTools of the tradeWinPEASPowerUpWindows Exploit SuggesterMetasploitVulnerable SoftwareDLL HijackingIntroduction to DLL FilesFinding DLL Hijacking VulnerabilitiesCreating a malicious DLL fileUnquoted Service…

THM – Cross-site scripting (XSS) – Part 10
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsXSS PayloadsWhat is a payload?Proof of ConceptSession StealingKey LoggerExampleBusiness LogicReflected XSSExample ScenarioPotential ImpactHow to test for Reflected XSSStored XSSExample ScenarioHow to test for Stored XSSDOM Based XSSWhat is…

THM – Network Services – MySQL – Part 8
Table Of ContentsUnderstanding MySQL Enumerating MySQL Exploit MySQL Understanding MySQL What is MySQL? In its simplest definition, MySQL is a relational database management system (RDBMS) based on Structured Query Language (SQL). Database: A database is simply a persistent, organized collection of structured data. RDBMS: A software or service used to create and manage databases based on a relational model. The word “relational” just menas…

THM – Intro to pentesting – Fundamentals – Part 1
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsPenetration testing ethicsRules of Engagement (ROE)Penetration Testing MethodoligiesOSSTMMOWASPNIST Cybersecurity Framework 1.1NCSC CAFBlack box, White box, Grey box penetration testingBlack-Box testingGrey-box testingWhite-Box Testing Penetration testing ethics Hat Category Description…

THM – Content Discovery – Part 4
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is content Discovery?Manual Discovery – Robots.txtRobots.txtManual Discovery – FaviconFaviconManual Discovery – Sitemap.xmlSitemap.xmlManual Discovery – HTTP HeadersHTTP HeadersManual Discovery – Framework StackFramework StackOSINT – Google Hacking/DorkingGoogle Hacking /…

TryHackMe – Network Fundementals – Part 1
Table Of ContentsForewordsIntroduction NetworkingThe OSI Model: OverviewEncapsulationTCP/IP Forewords In this blog series I will write down my notes from the courses I take from TryHackMe. This series is from the Complete beginner course where I will go through Network security, Web App security, different tools I use etc. I recommend anyone wanting to learn pentesting…