Author: Khushbu Vyas

THM Walkthrough – Vulnversity Part 2

THM Walkthrough – Vulnversity Part 2

In this blog as promised last time we will compromise the webserver with Burp Suite. Task 4: Compromise the webserver I have tried uploading few extensions like .jpeg, .txt, .php etc but it was blocking my uploads. Now we need to find out extension that can be successfully uploaded. To do that Option 1 is to

Read More
THM Walkthrough – Vulnversity Part 1

THM Walkthrough – Vulnversity Part 1

I am back with my favorite type of blog which is walkthrough of THM machine. In this machine we will Learn about active recon, web app attacks and privilege escalation. We will also learn how to attack using burp suite Intruder. Task 1: Deploy the machine  Got Connected to THM server and OpenVPN Servers and deployed Vulnversity machine. Task 2

Read More
NIST Recommendations for Computer Security Incident Handling

NIST Recommendations for Computer Security Incident Handling

Computer security incident response is a very important component of information technology programs. Because performing incident response effectively is a complex and time-consuming task, establishing a successful incident response capability requires substantial planning and resources. The NIST Computer Security Incident Handling Guide provides in-depth guidelines on how to build an incident response capability within an

Read More
PRIMER ON MITRE ATT&CK 101

PRIMER ON MITRE ATT&CK 101

I am here with a blog on the MITRE ATT&CK because it has gained a lot of attention and popularity in recent years. ATT&CK is a framework developed by MITRE. It is globally accessible knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK stands for Adversarial Tactics, Techniques, and Common Knowledge. It

Read More