A beginner-friendly writeup on TryHackMe’s Overpass challenge — I am back with another writeup for a new room at TryHackMe. I loved the privilege escalation part in this lab. I will keep this post detailed since I hope beginners can learn a lot from this writeup. 🙂 TryHackMe | Overpass TryHackMe is an online platform for learning and teaching cyber security, all through your browser.tryhackme.com

Using John the Ripper! — Upgrade your ethical hacking skills through this A to Z Cyber Security Training Bundle (Limited Time Offer!) Step 1 Copy the SSH key you want to crack. cp /.ssh/id_rsa id_rsa Step 2 To brute-force using john, we have to convert it into a suitable format. For this, we can use ssh2john.py. This comes pre-installed…

Setup your own MFA policy in Azure Active Directory — In my previous article, I explained about MFA and the advantages of it. This article would give you an Introduction to the MFA in Azure and a brief tutorial on how to set up MFA in Azure AD. Problem With Passwords And why you should use Multi-Factor Authentication.medium.com Authentication Modes for Cloud-based Azure MFA Azure offers various methods of authentication, the important ones are,

And why you should use Multi-Factor Authentication. — We are all accustomed to using passwords to access websites and computer resources. The result of this has cultivated situations where users re-use the same passwords on multiple websites. Even if they used unique passwords, they tend to be short passwords that are easy to remember and also, easy to…

A beginner-friendly writeup on TryHackMe’s Inclusion challenge. — Introduction This challenge on TryHackme.com focuses on Local File Inclusion attack. Local File Inclusion is when the attacker tricks the web application into exposing or running files on the webserver. TryHackMe | Inclusion TryHackMe is an online platform for learning and teaching cyber security, all through your browser.tryhackme.com

A beginner-friendly writeup on TryHackMe’s OhSINT challenge. — Introduction The OhSINT room on TryHackMe.com focuses on finding information from a regular. JPG image and then escalate to discover critical data using OSINT (Open-Source Intelligence). This is a good hands-on experience for beginners who are looking to explore OSINT, Penetration Testing and Bug Bounties. Room URL: https://tryhackme.com/room/ohsint

We have two types of days. One, in which we have an abundance of free time and wonder how to spend it. The other one, where we are stuck between work, college and our personal life, praying for another hour to be miraculously added to our day so that we…

This is the final part of the series “Introduction to Cross-Site Request Forgery (CSRF)”. Introduction In my previous blog post, I explained the concepts of Synchronizer Token Pattern and demonstrated the source code to achieve it. In this blog, I will be demonstrating the second prevention method, “Double Submit Cookie Pattern”…

This is the second part of the series “Introduction to Cross-Site Request Forgery (CSRF)”. Introduction In my previous blog post, I explained the concepts of CSRF, its risk and pointed out the prevention strategies. In this blog, I will be demonstrating the first prevention method, “Synchronizer Token Pattern”. …