Similar Posts
![THM – Principles of Security – Part 2](https://book.ghanim.no/wp-content/uploads/2021/12/pexels-pixabay-60504-768x512.jpg)
THM – Principles of Security – Part 2
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsPrinciples of PrivilegesSecurity Models ContinuedThe Bell-La Padula ModelBiba ModelThreat Modelling & Incident Response Principles of Privileges The levels of access given to individuals are determined on two primary…
![THM – SQL Injection – Part 12](https://book.ghanim.no/wp-content/uploads/2022/01/caspar-camille-rubin-fPkvU7RDmCo-unsplash-768x512.jpg)
THM – SQL Injection – Part 12
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is a database?What are tables?Columns:ROWS:What is SQL?What is SQL Injection?What does it look like?Article 2 is locked as privateIn-Band SQLiIn-Band SQL InjectionError-Based SQL InjectionUnion-Based SQL InjectionPractical1 UNION…
![THM – Walking An Application – Part 3](https://book.ghanim.no/wp-content/uploads/2021/12/code-geb6610828_1920-768x512.jpg)
THM – Walking An Application – Part 3
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionExploring The WebsiteViewing the Page SourceHow do I view the Page Source?Let’s view some Page Source!Developer Tools – InspectorDeveloper ToolsInspectorDeveloper Tools – DebuggerDeveloper Tools – DebuggerDeveloper Tools –…
![Command And Control – C2 Framework](https://book.ghanim.no/wp-content/uploads/2022/10/wp7177528-768x480.webp)
Command And Control – C2 Framework
This is a list of Command and control (C2) servers that I’ve tested. Table Of ContentsCovenantInstallation and setupLisenersGruntsPowershell-Empire with StarkillerPoshC2GodGenesisMetasploitSliverInstallSliver and MetasploitBeacon vs sessionExtensions (Armory)CheatsheetExample getting beacon with msfBypassing defender with staged process hollowingHavoc C2InstallInstall the dependenciesUbuntu 20.04 / 22.04Kali and other Debian based Distros only.Debian 10/11Building the TeamserverBuilding the ClientClient Covenant Installation and setup…
![THM – SSRF – Part 9](https://book.ghanim.no/wp-content/uploads/2021/12/image-53-768x404.png)
THM – SSRF – Part 9
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is an SSRF?Types of SSRFWhat’s the impact?SSRF ExamplesFinding an SSRFDefeating Common SSRF DefensesDeny ListAllow ListOpen Redirect What is an SSRF? SSRF stands for Server-Side Request Forgery. It’s…
![THM – Active Directory Basics – Part 18](https://book.ghanim.no/wp-content/uploads/2021/09/activeDirectory-1-768x310.png)
THM – Active Directory Basics – Part 18
This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsIntroductionPhysical Active DirectoryThe ForestUsers + GroupsTrusts + PoliciesActive Directory Domain Services + Authentication Introduction Active Directory is the directory service for…