Similar Posts

THM – Network Services – MySQL – Part 8
Table Of ContentsUnderstanding MySQL Enumerating MySQL Exploit MySQL Understanding MySQL What is MySQL? In its simplest definition, MySQL is a relational database management system (RDBMS) based on Structured Query Language (SQL). Database: A database is simply a persistent, organized collection of structured data. RDBMS: A software or service used to create and manage databases based on a relational model. The word “relational” just menas…

THM – Network Services – SMTP – Part 7
Table Of ContentsUnderstanding SMTP Enumerating SMTP Exploiting SMTP Understanding SMTP What is SMTP? SMTP stands for simple mail transfer protocol. It is utilized to handle the sending of emails. In order to support email services, a protocol pair is required, comprising of SMTP and POP/IMAP. Together they allow the user to send outgoing mail and retrieving incoming mail, respectively. The SMTP server performs three basic…

THM – File Inclusion – Part 8
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionWhat is File inclusion?Why do File inclusion vulnerabilities happen?What is the risk of File inclusion?Path TraversalPath traversalWhat function causes path traversal vulnerabilities in PHP?Local File Inclusion – LFILocal…

THM – Windows Privilege Escalation – Part 16
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionInformation GatheringPermissionsUser enumerationCollection System InformationSearching filesCommand breakdown:Path LevelNetwork ConnectionsScheduled TasksDriversAntivirusTools of the tradeWinPEASPowerUpWindows Exploit SuggesterMetasploitVulnerable SoftwareDLL HijackingIntroduction to DLL FilesFinding DLL Hijacking VulnerabilitiesCreating a malicious DLL fileUnquoted Service…

THM – NMAP Documentation and Commands – Part 13
This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsNMAP Live Host DiscoveryNMAP Basic Port ScansTCP FlagsTimingsSummaryNMAP Advanced Port ScansNMAP Post Port Scans NMAP Live Host Discovery Scan Type Example Command ARP Scan sudo nmap -PR -sn…

THM – Hashing – Part 14
This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsKey TermsWhat’s a hash function?Uses for hashingRecognizing password hashesPassword CrackingHashing for integrity checking Key Terms Plaintext – Data before encryption or…