Category: Tutorials

  • BassamCTF Walkthrough

    BassamCTF is an easy machine from Vulnhub. However, it requires a bit of enumeration that are straightforward. Find the IP address First of all, I identified the IP address of the target machine. Here, host ID 100 is my IP address, whereas 146 is the target. Scan open ports Next, I scanned open ports on…

  • A Detailed Guide on Ligolo-Ng

    This comprehensive guide delves into the intricacies of Lateral Movement utilizing Ligolo-Ng, a tool developed by Nicolas Chatelain. The Ligolo-Ng tool facilitates the establishment of tunnels through reverse TCP/TLS connections using a tun interface, avoiding the necessity of SOCKS. This guide covers various aspects, from the tool’s unique features to practical applications such as single…

  • Uncovering Vulnerabilities: Command Injection Penetration Testing

    In this video, we will be diving deep into the world of command injection penetration testing. Command injection is a type of vulnerability that allows an attacker to execute arbitrary commands on a system. By uncovering such vulnerabilities through thorough testing, we can prevent potential security breaches and protect our systems from malicious attacks. During…

  • Ultimate ICMP hping3 Monitoring Penetration Testing Guide

    Welcome to the ultimate ICMP hping3 monitoring penetration testing guide! In this video, we will explore how to use hping3 for monitoring network connectivity and security using ICMP (Internet Control Message Protocol) packets. ICMP is a vital protocol in network communication, often used for troubleshooting and monitoring network issues. Hping3 is a powerful command-line tool…

  • The Ultimate Guide to GoodGames Penetration Testing

    Summary GoodGames is a Linux machine and is considered an easy box. but it was tricky indeed. On this box, we will begin with a basic port scan and move laterally. Then we will enumerate domain name and subdomains. Then we will exploit SQL Injection vulnerability using burp and SQLmap. Exploitation of the server-side template…

  • Nunchucks Penetration Testing: A Close Look

    Summary Nunchucks is a Linux machine and is considered an easy box by the hack the box. On this box, we will begin with a basic port scan and move laterally based on the findings. Then we will enumerate HTTP services and hunt vulnerabilities present on the web page.  Laterally, we will exploit server-side template…

  • Exploring Blackfield Penetration Testing

    Summary Blackfield is a windows Active Directory machine and is considered as hard box by the hack the box. This box has various interesting vulnerabilities, and security misconfigurations were placed. As usual, we began with a basic nmap scan as a part of enumeration and noticed smb null session was enabled. Then we discovered a…

  • Becoming the Ultimate Pentester: Mastering the Art of Penetration Testing with Pentester Club

    Welcome to Pentester Club! In this video, we are thrilled to present to you an opportunity to enhance your penetration testing skills to a mastery level, ultimately making you the king of the field. Join us on this transformative journey as we guide you through the art of penetration testing, equipping you with the tools…

  • Cracking the Code: Mastering the Boot to Root CTF Challenge

    In this exciting video, join us as we dive deep into the world of ethical hacking and take on the thrilling “Boot to Root CTF Challenge”. This interactive challenge will test your skills and knowledge in cracking a complex code, ultimately leading you to gain full control over the target system. With our expert guidance,…

  • Uncover the Secrets of Napping Penetration Testing

    Napping is a machine I created where I wanted to highlight the exploit of Tab Nabbing. We use the Tab Nabbing attack to phish out some credentials from a administrator who happens to use the same credentials to SSH into the machine. Then we see that we can write to a Python script that is…