Similar Posts
THM – SSRF – Part 9
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is an SSRF?Types of SSRFWhat’s the impact?SSRF ExamplesFinding an SSRFDefeating Common SSRF DefensesDeny ListAllow ListOpen Redirect What is an SSRF? SSRF stands for Server-Side Request Forgery. It’s…
AV Evasion 101: Essential Techniques and Concepts
Table Of ContentsSourceGood toolsMalware forums/channels/discordTest payload against AVDefcon – Writing custom backdoor payloads with C#Step by Step for obfuscating codeAV Evasion MindMap – From Start to finishGeneral AV Evasion cheatsheetCheck AV – Running, Exclusion, DisableWindows FirewallPowershell – ASMI bypass methods, Disable AV, etcAMSI BypassBypass CLM (Constrained Language Mode)Bypass loggingDisable MS Defender (Require elevation)Add folder exclusionLSASS…
THM – File Inclusion – Part 8
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionWhat is File inclusion?Why do File inclusion vulnerabilities happen?What is the risk of File inclusion?Path TraversalPath traversalWhat function causes path traversal vulnerabilities in PHP?Local File Inclusion – LFILocal…
THM – Authentication Bypass – Part 6
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsUsername EnumerationBrute ForceLogical FlawWhat is a Logical Flaw?Logical Flaw ExampleLogic Flaw PracticalCookie TamperingPlain TextHashingEncoding Username Enumeration A helpful exercise to complete when trying to find authentication vulnerabilities is…
THM – Network Services – FTP – Part 4
Table Of ContentsUnderstanding FTP Enumerating FTP Exploiting FTP Understanding FTP What is FTP? File transfer protocol is a protocol used to allow remote transfer of files over a network. It uses a client-server model to do this. It relays command and data in a very efficient way. How does FTP work? A typical FTP session operates using two channels: A command channel A data channel The command channel is used for transmitting commands as well as replies to those commands, while the data channel is used for transferring data. FTP operates using a client-server protocol. The client…
TryHackMe – Network Fundementals – Part 1
Table Of ContentsForewordsIntroduction NetworkingThe OSI Model: OverviewEncapsulationTCP/IP Forewords In this blog series I will write down my notes from the courses I take from TryHackMe. This series is from the Complete beginner course where I will go through Network security, Web App security, different tools I use etc. I recommend anyone wanting to learn pentesting…