You’ve discovered a web vulnerability, now comes the exciting part: crafting a proof of concept (POC) to demonstrate its exploitability! With the right tips and tricks at your disposal, you can str...

Today I had some time left to hack a simple machine. After looking quickly on HTB I found a machine that might be fun. Cicada is an easy Windows Active Directory machine that serves as an excellent...

PEN300 also known as OSEP is a course not just about learning the technical skills of penetration testing; it’s a deep dive into the complexities of cybersecurity that pushes you to think criticall...

The Hack The Box “Forest” vulnerable machine is an exceptional resource for cybersecurity enthusiasts, particularly those preparing for certifications like OSCP and OSEP. This machine has setup an ...

In today’s digital landscape, APIs (Application Programming Interfaces) are very important in modern websites and applications. They facilitate seamless communication between different software sys...

It took a while before I posted something on my blog again. This was partly because after obtaining OSWA, I fully committed myself to OSEP in addition to my work and a holiday was planned. Currentl...

Last week I did pass the OffSec Web Assessor (OSWA) exam from Offsec. This is a hands-on exam and is 23 hours and 45 minutes long before the lab time ends. In the next 24 hours you have to deliver ...

In this Hack The Box challenge, you will be tasked with exploiting a SQL injection vulnerability and reusing passwords to gain privileged access to a vulnerable machine. This challenge is designed ...

The box takes us back to the early days of HackTheBox, featuring an old version of the platform that includes the old hackable invite code. By exploiting this vulnerability, you’ll be able to creat...

Get ready to dive into the world of Linux hacking with RedPanda, a beginner-friendly machine that’s just waiting to be exploited. The machine’s website features a search engine built using Java Spr...