Penetration Testing

cheat sheet / Network Security

Netcat (nc) Commands Cheat Sheet

by
Netcat (nc) Commands Cheat Sheet

Introduction Netcat, often hailed as the “Swiss Army knife” of the networking world, is a remarkably versatile command-line utility capable of performing a wide spectrum of network-related tasks. From conducting simple port scans to facilitating intricate network debugging processes, Netcat’s inherent flexibility renders it an indispensable tool for system administrators, network engineers, security professionals, and even software developers. This cheat sheet aims to provide a

Continue Reading →
Red Team

Linux Security Auditing with Lynis

by
LInux SecurIty AudItIng wIth LynIs

Introduction In today’s digital world, system security has become more critical than ever with the rise of cyber attacks. The Linux operating system is widely used in many different environments, including servers, desktops, and embedded systems. Therefore, ensuring the security of Linux systems is of critical importance. This is where Lynis comes in. Lynis is an open-source security auditing tool developed for Linux, macOS, and Unix-based

Continue Reading →
web security

CeWL Cheat Sheet: A Comprehensive Guide

by
CeWL Cheat Sheet A Comprehensive Guide

Introduction CeWL (Custom Word List generator) is a powerful and versatile tool widely utilized in the field of cybersecurity, particularly in penetration testing. This tool enables security professionals to create custom wordlists by crawling specific websites, which can then be employed in various security assessments, including password cracking. The ability to generate tailored wordlists based on the vocabulary and content of a

Continue Reading →
Ctf Challenges

MD2PDF TryHackMe Walkthrough

by
MD2PDF TryHackMe Walkthrough

Introduction The MD2PDF TryHackMe Walkthrough room on TryHackMe offers an engaging and educational experience for individuals interested in the world of cybersecurity, particularly in web application vulnerabilities. This challenge is structured to guide participants through the process of exploiting a web application that converts Markdown files into PDF documents. By navigating through various stages of the challenge, users will

Continue Reading →
Ctf Challenges

Relevant TryHackMe Walkthrough

by
Relevant TryHackMe Walkthrough

Introduction The “Relevant” room on TryHackMe offers an immersive and practical experience for individuals interested in the field of penetration testing. This challenge simulates a real-world scenario where participants are tasked with identifying and exploiting vulnerabilities within a Windows environment. The exercise is designed to enhance skills in reconnaissance, exploitation, and privilege escalation, making it an invaluable resource for both newcomers and

Continue Reading →
active directory security / Red Team

Kerbrute: Enumerating Active Directory Accounts

by
Kerbrute EnumeratIng ActIve DIrectory Accounts

Introduction In the realm of cybersecurity, various tools and techniques are employed to secure systems. One such tool, Kerbrute, is designed to quickly brute-force and enumerate valid Active Directory accounts through Kerberos Pre-Authentication. This article will delve into what Kerbrute is, its role in cybersecurity, how it works, and practical usage examples. Learning Objectives What is Kerbrute? Kerbrute is a command-line tool developed

Continue Reading →
Cyber Security / Red Team

Shodan: A Search Engine for Beginner Hackers

by
Shodan A Search Engine for Beginner Hackers

Introduction In today’s digital landscape, understanding the vulnerabilities of internet-connected devices is crucial for cybersecurity. Shodan has emerged as a unique tool in this domain, often referred to as “the search engine for hackers.” Developed by John Matherly in 2009, Shodan allows users to discover various devices connected to the internet, providing insights that can be invaluable for both security professionals and malicious

Continue Reading →
Ctf Challenges

DC-1 Capture The Flag Vulnhub Walkthrough

by
DC-1 Vulnhub Walkthrough

Introduction In the ever-evolving field of cybersecurity, hands-on experience is essential for developing the skills necessary to identify and mitigate vulnerabilities. Capture The Flag (CTF) challenges are a popular way for aspiring penetration testers to practice their skills in a controlled environment. One such challenge is the DC-1 CTF, hosted on VulnHub, which is designed specifically for beginners. The DC-1 CTF provides participants

Continue Reading →
Ctf Challenges

OnSystemsHellDredd Offsec Walkthrough

by
OnSystemsHellDredd Offsec Walkthrough

Introduction OnSystemsHellDredd is a Capture The Flag (CTF) machine provided by Offensive Security. This machine contains various vulnerabilities that are ideal for penetration testing and security research. CTF events offer participants the opportunity to discover vulnerabilities they may encounter in real-world scenarios and exploit these vulnerabilities to gain access to systems. This OnSystemsHellDredd Offsec Walkthrough will detail the steps needed

Continue Reading →