PEN300 also known as OSEP is a course not just about learning the technical skills of penetration testing; it’s a deep dive into the complexities of cybersecurity that pushes you to think criticall...

The Hack The Box “Forest” vulnerable machine is an exceptional resource for cybersecurity enthusiasts, particularly those preparing for certifications like OSCP and OSEP. This machine has setup an ...

In today’s digital landscape, APIs (Application Programming Interfaces) are very important in modern websites and applications. They facilitate seamless communication between different software sys...

It took a while before I posted something on my blog again. This was partly because after obtaining OSWA, I fully committed myself to OSEP in addition to my work and a holiday was planned. Currentl...

Last week I did pass the OffSec Web Assessor (OSWA) exam from Offsec. This is a hands-on exam and is 23 hours and 45 minutes long before the lab time ends. In the next 24 hours you have to deliver ...

In this Hack The Box challenge, you will be tasked with exploiting a SQL injection vulnerability and reusing passwords to gain privileged access to a vulnerable machine. This challenge is designed ...

The box takes us back to the early days of HackTheBox, featuring an old version of the platform that includes the old hackable invite code. By exploiting this vulnerability, you’ll be able to creat...

Get ready to dive into the world of Linux hacking with RedPanda, a beginner-friendly machine that’s just waiting to be exploited. The machine’s website features a search engine built using Java Spr...

In this post, we’ll provide a step-by-step guide on how to compromise the Photobomb machine, from start to finish. We’ll cover everything from initial reconnaissance to post-exploitation, and we’ll...

In this challenge, we will dive into the Nunchunks machine from HackTheBox. This machine is a great example of a modern web application, utilizing technologies such as Nginx, NodeJS, and Express. T...