Author: Khushbu Vyas

PRIMER ON MITRE ATT&CK 101

PRIMER ON MITRE ATT&CK 101

I am here with a blog on the MITRE ATT&CK because it has gained a lot of attention and popularity in recent years. ATT&CK is a framework developed by MITRE. It is globally accessible knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK stands for Adversarial Tactics, Techniques, and Common Knowledge. It

Read More
Pickle Rick: A Rick and Morty CTF with Command Injection attack – THM Writeup

Pickle Rick: A Rick and Morty CTF with Command Injection attack – THM Writeup

This Rick and Morty themed challenge requires us to exploit a webserver to find 3 ingredients that will help Rick make his potion to transform himself back into a human from a pickle. Rick and Morty’s fans know which pickle what I am talking about. We always make sure we are connected to the machine using

Read More

Ghostcat Vulnerability CVE-2020-1938 explained and exploited with Try-Hack-Me Tomghost machine

Today, I am back with an interesting blog on vulnerability named Ghostcat. The Apache Ghostcat vulnerability is an LFI (Local File Inclusion) vulnerability which is discovered by a security researcher of Chaitin Tech and came out in February 2020, while the world was gearing up for a lockdown fight up against the coronavirus. It allows

Read More

TryHackMe Walkthrough- Blue

Hi Everyone…!!! I am back with another machine in this blog. In this beginner-friendly blog, we will learn how to deploy & hack into a Windows machine, leveraging common misconfigurations issues. This machine is based on Eternal blue vulnerability(CVE-2017-0143). Let’s ping the blue machine and make sure we are connected. Task 1:  Recon In the

Read More