Protected: OSCP Prep

Last Updated on January 25, 2022 by aghanim This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsDirection og Privilege EscalationEnumerationAbusing SUID/GUID FilesFinding SUID BinariesExploiting Wriitable /etc/passwdEscaping Vi EditorExploiting CrontabExploitning…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is Command Injection?Discovering Command InjectionExploiting Command InjectionDetecting Blind Command InjectionLinux WindowsRemediating Command InjectionVulnerable FunctionsInput sanitisationBypassing FiltersPractical: Command InjectionWhat user is…

Last Updated on October 3, 2024 by aghanim This is a list of Command and control (C2) servers that I’ve tested. Table Of ContentsCobalt StrikeCovenantInstallation and setupLisenersGruntsPowershell-Empire with StarkillerPoshC2GodGenesisMetasploitSliverLinks and tutorialInstallSliver and MetasploitBeacon vs sessionGenerating HTTP(S) Implants with certificateExtensions (Armory)CheatsheetExample getting beacon with msfBypassing defender with staged process hollowingHavoc C2InstallInstall the dependenciesUbuntu 20.04 / 22.04Kali…

Last Updated on March 24, 2023 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsXSS PayloadsWhat is a payload?Proof of ConceptSession StealingKey LoggerExampleBusiness LogicReflected XSSExample ScenarioPotential ImpactHow to test for Reflected XSSStored XSSExample ScenarioHow…

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding telnet Enumerating Telnet Exploiting telnet  Understanding telnet  What is telnet?  Telnet is an application protocol which allows you, with the use of telnet client, to connect to and execute commands on a remote machine that’s hosting a telnet server.   The telnet client will establish a connection with the server. The client will then…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsNMAP Live Host DiscoveryNMAP Basic Port ScansTCP FlagsTimingsSummaryNMAP Advanced Port ScansNMAP Post Port Scans NMAP Live Host Discovery Scan Type…