Overview: As a community volunteer @Winja I created reverse engineering ctf challenges for Wicked 6 Winja CTF for Women. Without wasting further time let’s jump in! d3bug-th1s Challenge Name: d3...
Apr 21, 2022 2022-04-21T12:20:00+05:30
$whoami - My Background My name is Siddhant Chouhan, I am from New Delhi, India. I am a cyber security enthusiast and have keen interest in vulnerability assessment and penetration testing. I love...
Jan 23, 2022 2022-01-23T12:20:00+05:30
Introduction: In this blog post I’ll be talking about my PWK-OSCP journey. I will be sharing useful resources as well that were helpful for me in this journey. An OSCP has demonstrated the abi...
Nov 8, 2021 2021-11-08T12:20:00+05:30
Overview: This windows box involves 3 Active Directory attacks AS-REP Roasting followed by Kerberoasting and finally a DC Sync to get the administrator NTLM hash. The box starts with us finding ou...
May 17, 2021 2021-05-17T12:20:00+05:30
Overview: This windows box starts with us enumerating ports 80 and 135. We leak the ipv6 address of the box using IOXID resolver via Microsoft Remote Procedure Call. DCOM(Distributed Component Obj...
Apr 11, 2021 2021-04-11T12:20:00+05:30
Overview: The box starts with us finding a python flask jinja 2 webapp on port 80 and we have splunk running on port 8089 , We perform a Server-Side Template Injection to get remote code execution...
Feb 6, 2021 2021-02-06T00:00:00+05:30
Overview: The box starts with us finding a Gym Management System web application, and using searchsploit we find there is an Unauthenticated File Upload Vulnerability and we get a shell on the box...
Nov 22, 2020 2020-11-22T00:00:00+05:30
Overview This windows box involved a lot of enumeration. It starts with us resetting an account via the poorly implemented reset password functionality on the web server.Then we are able to enum...
Nov 14, 2020 2020-11-14T00:00:00+05:30
Overview: The box starts with us finding a Local File Inclusion Vulnerability on port 80 and we have tomcat running on port 8080 ,so we can use the LFI vulnerability to find credentials for tomcat...
Nov 7, 2020 2020-11-07T00:00:00+05:30
Overview: This windows box required a lot of enumeration and was focussed on Active Directory. It starts with us finding anonymous access to a smb share which had a lot of directories which turn o...
Oct 3, 2020 2020-10-03T12:20:00+05:30