Protected: OSCP Prep

Last Updated on January 25, 2022 by aghanim Table Of ContentsIntro [Severity 1] Injection[Severity 1] OS Command Injection[Severity 1] Command Injection Practical [Severity 2] Broken Authentication[Severity 2] Broken Authentication Practical [Severity 3] Sensitive Data exposure (Introduction) [Severity 3] Sensitive Data exposure (Supporting material 1)  [Severity 3] Sensitive Data exposure (Supporting material 2) [Severity 3] Sensitive Data exposure (Challenge)[Severity 4] XML External…

Last Updated on January 25, 2022 by aghanim This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsIntroductionPhysical Active DirectoryThe ForestUsers + GroupsTrusts + PoliciesActive Directory Domain Services + Authentication…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsNMAP Live Host DiscoveryNMAP Basic Port ScansTCP FlagsTimingsSummaryNMAP Advanced Port ScansNMAP Post Port Scans NMAP Live Host Discovery Scan Type…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsPenetration testing ethicsRules of Engagement (ROE)Penetration Testing MethodoligiesOSSTMMOWASPNIST Cybersecurity Framework 1.1NCSC CAFBlack box, White box, Grey box penetration testingBlack-Box testingGrey-box…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is Command Injection?Discovering Command InjectionExploiting Command InjectionDetecting Blind Command InjectionLinux WindowsRemediating Command InjectionVulnerable FunctionsInput sanitisationBypassing FiltersPractical: Command InjectionWhat user is…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is an SSRF?Types of SSRFWhat’s the impact?SSRF ExamplesFinding an SSRFDefeating Common SSRF DefensesDeny ListAllow ListOpen Redirect What is an…