TryHackMe IDE
A short write-up of the TryHackMe IDE room
I recently found a critical vulnerability on a private program on HackerOne that allowed me to get their Amazon Web
XXE to AWS metadata disclosure Read Post »
Heroku subdomain takeovers are possible for herokuapp.com CNAMEs, and can be identified by the ‘No such app’ page: And a
Subdomain Takeovers: Heroku Read Post »
I often get asked ‘how do I find my first bug’ on the Hacker101 Discord channel. This article is an
How to find your first bug Read Post »
HackerOne recently held a CTF with the objective to hack a fictitious bounty payout application. While my write-up of this
H1-2006 CTF Write-up Read Post »
Traverxec is rated as an easy box on HackTheBox. User As with all HackTheBox machines I started with an nmap
HackTheBox Traverxec Read Post »
Nahamsec recently created a CTF when he reached 30k Twitter followers. The only information he gave was here, so there
Nahamsec CTF write-up Read Post »
Bitlab is rated as a medium box on HackTheBox. User As is usual with HackTheBox, I started with an nmap
Seeing as I recently got my first bug report resolved and was even rewarded a bounty for it, I thought
From 0 to Bug Hunter – My Journey Read Post »
Heist is an easy Windows box on HackTheBox, however since I have very little experience with Windows, I found it
‘Networked’ is rated as an easy machine on HackTheBox User The usual nmap scan revealed the following open ports: Running
HackTheBox Networked Read Post »
‘Haystack’ is rated as an easy machine on HackTheBox. USER Running nmap on the machine showed that only a few
HackTheBox Haystack Read Post »