Protected: OSCP Prep

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is a database?What are tables?Columns:ROWS:What is SQL?What is SQL Injection?What does it look like?Article 2 is locked as privateIn-Band…

Last Updated on January 25, 2022 by aghanim Table Of ContentsIntroductionNmap switchesOverview  Introduction When a computer runs a network service, it opens a networking construct called a “port” to receive the connection. Ports are necessary for making multiple requests or having multiple services available.  For example, when you load several webpages at once in a web browser,…

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding telnet Enumerating Telnet Exploiting telnet  Understanding telnet  What is telnet?  Telnet is an application protocol which allows you, with the use of telnet client, to connect to and execute commands on a remote machine that’s hosting a telnet server.   The telnet client will establish a connection with the server. The client will then…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionWhat is File inclusion?Why do File inclusion vulnerabilities happen?What is the risk of File inclusion?Path TraversalPath traversalWhat function causes path…

Last Updated on January 25, 2022 by aghanim Table Of ContentsIntro [Severity 1] Injection[Severity 1] OS Command Injection[Severity 1] Command Injection Practical [Severity 2] Broken Authentication[Severity 2] Broken Authentication Practical [Severity 3] Sensitive Data exposure (Introduction) [Severity 3] Sensitive Data exposure (Supporting material 1)  [Severity 3] Sensitive Data exposure (Supporting material 2) [Severity 3] Sensitive Data exposure (Challenge)[Severity 4] XML External…

Last Updated on June 1, 2023 by aghanim This is notes taken from the THM room ‘Wreath’, which is a great room for learning Active Directory and pivoting. https://www.tryhackme.com/room/wreath And from other sources. Table Of ContentsSummaryWhat is pivoting?High level overviewEnumerationProxychains & FoxyProxyProxychainsFoxyProxySSH Tunnelig / Port ForwardingForward ConnectionsNMAP with SSH proxyReverse ConnectionsSSH Remote Port Forwarding (From…