Introduction I was inspired by @Frichette_n research about Cloudtrail bypasses and I didn’t find any material or talks discussing how we can attack Cloudtrail. I presented this research @BsidesAB...

TL:DR Hello Folks, I will share my writeup for the Scada Challenge. I hope you enjoy and benefit from the blog post. WatchTower Challenge Description Our infrastructure monitoring system detec...

Table of Content Introduction How to prepare for CRTE Useful blogs Lab Review Exam Should you go for it or not Introduction The purpose of this bl...

Definition : The Lightweight Directory Access Protocol (LDAP) is a directory service protocol that runs on a layer above the TCP/IP stack. It provides a mechanism used to connect to, search, and m...

Introduction An active directory allows network administrators to manage domains, users, and objects in a respective network.  Now, as the network grows, the AD provides a way to organize large nu...

Summary : It’s Banking Application, you can receivce and transfer money with your account, to be able to get ViP access you should have 1.000.000$. Methodology : First thing came into my mind th...

Faculty Scanning : Starting Nmap 7.91 ( https://nmap.org ) at 2022-07-02 20:40 GMT Nmap scan report for faculty.htb (10.129.198.120) Host is up (0.18s latency). Not shown: 65532 closed ports PORT...

Methodology First of all you need to understand that CTF not always like real life senarios. You need to have a methodology only for CTFs. Begain with viewing the page source to see all the endp...

Title : All-in-One Video Gallery plugin <= 2.4.9 - Local File Inclusion (LFI) vulnerability Author: m19o Software : Wordpress 5.8.2 CVE : CVE-2021-24970 Poc : https://example/wordpress/wp-a...

Enumeration< ِNmap TIME!. ِِِAs you can see 80,22,8080 are open. Let`s start checking ِAfter some recon i didn`t found anything in 8080. ِBut i searched for megahosting exploit i f...