TECHNICAL Nmap MS-SQL Server Recon Learn how to conduct recon missions against MS-SQL server using Nmap.
TECHNICAL Blue Team Detection: nJRat Cybersecurity engineer Charlie Crane on detecting malware by its behaviors which are relatively persistent and common across many malware flavors.
TECHNICAL HTB Delivery Walkthrough Resident HTB specialist Andy From Italy returns to crack another challenge, this time he takes on the Delivery box.
TECHNICAL How to Hack An Insecure Web App: OWASP WebGoat Challenge (Part 2) Mars Groves teaches us how to steal credit cards from a database as part of the OWASP WebGoat challenge.
TECHNICAL Attack Defense: Windows Basic Exploitation #8 Part 8 of our popular attack/defense series on basic windows exploitation.
TECHNICAL Attack Defence: Windows Basic Exploitation #7 In this article, you will learn how to exploit an OSGi Console using metasploit and gain access to your target system.
TECHNICAL Understanding Linux Cron Jobs Understanding the tole of Linux cron jobs and how they can help you during penetration tests.
TECHNICAL Hacking GraphQL for Fun and Profit (2): Methodology & Examples Part two of our popular series on hacking GraphQL for Fun and profit. In this article we focus on the methodology.
TECHNICAL Recon Basics: Tornado Webserver Tornado is a python webserver framework developed by FriendFeed. It can scale to tens of thousands of open connections, making it ideal for WebSockets.
TECHNICAL Attack Defence: Windows Basic Exploitation #6 Learn how to exploit CGI Servlet in Apache Tomcat in part six of basic windows exploitation.
TECHNICAL Client-Side Encryption Bypass (2) Part two in Sameer Bhatt's series on client-side encryption bypass.
TECHNICAL Gunicorn Recon Basics Part three of Gurkirat Singh's series on web server reconnaissance, this time focusing on Gunicorn.
TECHNICAL Recon Basics: Apache Server A writeup of the Attatck/Defence lab for learning Apache webserver recon.
TECHNICAL Client-Side Encryption Bypass using DevTools Part-1 In this article, we will discuss the extra security layer implemented inside application encryption mechanisms.
TECHNICAL Learn How To Build A Low-Cost Rubber Ducky Type Device Learn how to build a low-cost Rubber Ducky device to execute an attack seen on the Mr. Robot TV show.
TECHNICAL Bypass Strict Input Validation With Remove Prefix and Suffix Patterns Learn how to bypass strict input validation on a web app that prevents you from sending RCE payloads.
TECHNICAL Attack Defence: Windows Basic Exploitation #5 Part five in our series on basic windows exploitation, in this episode we focus on exploiting the Apache Tomcat webserver.
TECHNICAL HTB Passage Walkthrough Welcome back to another of my HackTheBox walk throughs, this time I will take on the Simple machine. It gets a bit tricky to understand how to proceed for the root flag. Let's
TECHNICAL Attack Defence: Windows Basic Exploitation #4 Hello everyone, I have returned to tackle part four of my series on Windows exploitation, in this episode you will learn how to exploit Process Builder utility to gain access to windows environment.
TECHNICAL HTB Academy Walkthrough This time I will be taking on the Academy box, join me on this technical HackTheBox walkthrough.