Protected: OSCP Prep

Last Updated on January 25, 2022 by aghanim This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsWindows file system and permissions explainedUnderstanding the authentication process Windows file system and…

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding MySQL Enumerating MySQL Exploit MySQL Understanding MySQL  What is MySQL?   In its simplest definition, MySQL is a relational database management system (RDBMS) based on Structured Query Language (SQL).   Database:   A database is simply a persistent, organized collection of structured data.   RDBMS:   A software or service used to create and manage databases based on…

Last Updated on January 25, 2022 by aghanim Table Of ContentsHow Do We Load Websites?  More HTTPS – Verbs and request formats Cookies  How Do We Load Websites?   Finding the server  A DNS request is made initially. DNS is like a giant phone book that takes a URL and turns it into an IP. You dont have to remember the IP of websites.   The IP address uniquely identifies each internet connected devices, like a web servere or your computer. They are formed of 4 groups of number,…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is an IDOR?An IDOR ExampleFinding IDORs in Encoded IDsEncoded IDsFinding IDORs and Hashed IDsHashed IDsFinding IDORs in Unpredictable IDsUnpredictable IDsWhere are…

Last Updated on March 24, 2023 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsXSS PayloadsWhat is a payload?Proof of ConceptSession StealingKey LoggerExampleBusiness LogicReflected XSSExample ScenarioPotential ImpactHow to test for Reflected XSSStored XSSExample ScenarioHow…

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding SMTP Enumerating SMTP Exploiting SMTP  Understanding SMTP  What is SMTP?  SMTP stands for simple mail transfer protocol. It is utilized to handle the sending of emails. In order to support email services, a protocol pair is required, comprising of SMTP and POP/IMAP. Together they allow the user to send outgoing mail and…