Regular Expressions quick cheatsheet for pentesters – 101
The Regular Expressions quick cheatsheet for pentesters topic in code review is explained by Jonny Fox . The entire credit […]
Mysql UDF Basics and Exploitation
So what is a UDF? It is a way to extend MySQL with a new function that works like a […]
MSSQL Injection
(((0x1 :- Basic Recon Stage))) -1 union all select 1,2– -1 union all select null,2– null union all select 1,null– […]
Tools Allowed in OSCP
PWK/OSCP Prep Discord Server ( https://discord.gg/ ) These are merely tools suggested by other users that are deemed “approved” for the exam. […]
Wfuzz- The power of evil
WfFuzz is a web application brute forcer that can be considered an alternative to Burp Intruder as they both have […]
Pivoting and SSH Port forwarding Basics -Part 1
First and foremost, what is SSH tunneling and how does it work? SSH tunneling is a technique that allows traffic […]
RCE with log poisoning Attack Methodologies
Some of the important log files are the following :- http://example.com/index.php?page=/var/log/apache/access.log http://example.com/index.php?page=/var/log/apache/error.log http://example.com/index.php?page=/var/log/nginx/access.log http://example.com/index.php?page=/var/log/nginx/error.log http://example.com/index.php?page=/var/log/vsftpd.log http://example.com/index.php?page=/var/log/sshd.log http://example.com/index.php?page=/var/log/auth http://example.com/index.php?page=/var/log/mail http://example.com/index.php?page=/var/log/httpd/error_log http://example.com/index.php?page=/usr/local/apache/log/error_log […]
OSCP – Msfvenom All in One
One of the most powerful utilities of Metasploit is its payload module. Its abilities are underutilized ( by the beginners […]
SUID Executables- Linux Privilege Escalation
Set User ID is a sort of permission which is assigned to a file and enables users to execute the […]
OSCP – Enumeration Cheatsheet & Guide
Credits to the authors of all the blogs and everyone who can find their commands below. This blog will concentrate […]