A beginner-friendly approach for OSCP, CTFs and Web App Pen-testing.

This article describes the basics of web enumeration and is aimed at beginners. It starts with the basics and then gradually builds up to more advanced techniques.

Table of Contents

- Introduction
- Enumerate and Make Notes
- Find out the Ports
- View Page Source
- Well Known Files
- Virtual Hosts
- Web Directories Busting
- Subdomains
- Web Technologies used
- Usernames
- Brute Force Login Pages
- SQL Injection in Login Pages
- Local…

Security concepts in the form of fun-filled games for Beginners

This is the final write-up for the Bandit wargames from Over The Wire. The previous two write-ups of the same series can be found here:

So let's start with the next level.

Level 21 → Level 22

SSH in to Level 21 using username/password: bandit21/gE269g2h3mw3pwgrj0Ha9Uoqen1c9DGr

ssh bandit21@bandit.labs.overthewire.org -p 2220

A program is running automatically at regular…

Security concepts in the form of fun-filled games for Beginners

This is a write-up of the next 10 levels (11–20) of OTW’s wargame named Bandit. Please read the Level 0 to 10 write-up first from here.

So let’s start.

Level 11 → Level 12

SSH in to Level 11 using username/password: bandit11/IFukwKGsFW8MOq3IRFqrxE1hxTNEbUPR

ssh bandit11@bandit.labs.overthewire.org -p 2220

The password for the next level is stored in the file…

Security concepts in the form of fun-filled games for Beginners

I love Linux and thus will try out any challenge, especially one based around security. OverTheWire (OTW) is a collection of such challenges and Bandit is a war-game aimed at beginners and oriented around Linux. The challenges can be found here:

https://overthewire.org/wargames/bandit/

This will be a write-up of bandit and you need…

Perform memory forensics to find the flags

This is a quick write-up for the TryHackMe room named Memory Forensics. You can find this room here: https://tryhackme.com/room/memoryforensics

Get Volatility from here: https://github.com/volatilityfoundation/volatility/

[Task 2] Login

What is John’s password?

Download the memory dump for this task and first of all get the “ImageInfo”:

$ python /opt/tools/volatility/vol.py -f Snapshot6.vmem imageinfo
Volatility Foundation Volatility Framework…

0xsanz

Software developer with a keen interest in Security, Privacy and Pen-testing. Security+ certified.
