TryHackMe IDE
A short write-up of the TryHackMe IDE room
I recently found a critical vulnerability on a private program on HackerOne that allowed me to get their Amazon Web
XXE to AWS metadata disclosure Read Post »
Heroku subdomain takeovers are possible for herokuapp.com CNAMEs, and can be identified by the ‘No such app’ page: And a
Subdomain Takeovers: Heroku Read Post »
I often get asked ‘how do I find my first bug’ on the Hacker101 Discord channel. This article is an
How to find your first bug Read Post »
HackerOne recently held a CTF with the objective to hack a fictitious bounty payout application. While my write-up of this
H1-2006 CTF Write-up Read Post »
Traverxec is rated as an easy box on HackTheBox. User As with all HackTheBox machines I started with an nmap
HackTheBox Traverxec Read Post »
Bitlab is rated as a medium box on HackTheBox. User As is usual with HackTheBox, I started with an nmap
Heist is an easy Windows box on HackTheBox, however since I have very little experience with Windows, I found it
‘Networked’ is rated as an easy machine on HackTheBox User The usual nmap scan revealed the following open ports: Running
HackTheBox Networked Read Post »
‘Haystack’ is rated as an easy machine on HackTheBox. USER Running nmap on the machine showed that only a few
HackTheBox Haystack Read Post »
‘Writeup’ is rated as an easy machine on HackTheBox. User As always, I started with an nmap scan which revealed
HackTheBox Writeup Read Post »
Today I’m going to write how to get the answers to the security answers for the lost password functionality in
OWASP Juice Shop Cracking Read Post »