Blog

Phishing Email & attachment Analysis

Phishing Email & attachment Analysis

We’re going to talk about how to address infected PDF files and extract malicious indicators from within them without endangering yourself or your PC. Dealing with infected pdf and doc files happens nearly all day in IT security operations centres. The users may report phishing, and our job as security analysts will be to figure

Read More
THM Walkthrough – Vulnversity Part 2

THM Walkthrough – Vulnversity Part 2

In this blog as promised last time we will compromise the webserver with Burp Suite. Task 4: Compromise the webserver I have tried uploading few extensions like .jpeg, .txt, .php etc but it was blocking my uploads. Now we need to find out extension that can be successfully uploaded. To do that Option 1 is to

Read More
Optimum – HackTheBox Walkthrough – Part 2

Optimum – HackTheBox Walkthrough – Part 2

As we saw in the first part of this Optimum walkthrough, it is a beginner-level machine that is more of an enumeration of services with known exploits. These exploits are easy to work out and get the flag. Let us continue from where we left. As I had an issue with Windows-Exploit-Suggester I am using

Read More
THM Walkthrough – Vulnversity Part 1

THM Walkthrough – Vulnversity Part 1

I am back with my favorite type of blog which is walkthrough of THM machine. In this machine we will Learn about active recon, web app attacks and privilege escalation. We will also learn how to attack using burp suite Intruder. Task 1: Deploy the machine  Got Connected to THM server and OpenVPN Servers and deployed Vulnversity machine. Task 2

Read More