This article details a cybersecurity challenge involving SSH enumeration, restricted shell bypass, and privilege escalation through Ruby script exploitation. It highlights techniques like unsafe reflection, local service enumeration, and SUID payloads to escalate privileges and capture flags. #RubyReflection #PrivilegeEscalation
Category: Interesting Stuff
This article details the solution of the “Anonymous” challenge in the Excel 2025 CTF, showcasing techniques like XXE injection, server bypasses, and remote code execution. The author achieved 24th place by exploiting vulnerabilities, which involved web exploitation, file upload bypasses, and system command execution. #XXE #FileUploadBypass
This article explores the use of basic steganography techniques to hide Command and Control (C2) commands within SVG files for cyber operations. The approach involves encoding command data into SVG element properties, making it covert and difficult to detect. #Steganography #C2Commands
This guide provides detailed techniques for detecting and exploiting advanced SQL injections in web applications, demonstrated through practical examples on TryHackMe’s SQHell room. It covers various attack vectors, including login bypass, database enumeration, and data extraction, emphasizing the importance of understanding underlying backend logic. #SQLInjection #TryHackMe #SQHellRoom #MySQL #DatabaseEnumeration
This article explores modern techniques for making API calls in web development using fetch and Axios, emphasizing the async/await programming model. It also highlights common security vulnerabilities in JavaScript code, such as hardcoded tokens and risky DOM manipulations. #fetch #Axios #JavaScriptSecurity
This article discusses the evolution of Detection Engineering within Managed Detection and Response (MDR) services, emphasizing the need for threat-driven, systematic detection frameworks. It highlights challenges, methodologies, and innovative approaches like knowledge graphs to enhance detection capabilities and operational efficiency. #MITREATTACK #DetectionEngineering
The article highlights the potential of the AuthenticationProcessingDetails field in Microsoft Entra ID’s AADSignInEventsBeta table for advanced security investigations. It provides insights into detecting suspicious sign-in activities, such as IP mismatches, legacy TLS use, and login_hint abuse, through practical KQL examples. #AADSignInEventsBeta #AuthenticationProcessingDetails
Continuous patch management and end-to-end vulnerability lifecycle governance are the new baseline, replacing traditional patch windows. Exploitation often outpaces vendor patches, making automation, policy-as-code, redundancy, and near-real-time interpretation of standards essential to reduce breach risk. #Action1Remediation #ContinuousPatching
This article demonstrates how misconfigured IAM permissions, particularly CreateLoginProfile, can lead to privilege escalation and full account takeover in AWS. It highlights the setup, exploitation, and preventive measures to secure cloud environments. #AWSIAM #PrivilegeEscalation
Encrypted DNS enhances online privacy by encrypting DNS queries using protocols like DoH, DoT, and others, preventing third parties from monitoring or manipulating internet traffic. Popular providers such as NextDNS, Cloudflare DNS, and AdGuard DNS offer secure, customizable, and privacy-focused DNS services that help protect users from threats and censorship. #NextDNS #CloudflareDNS #AdGuardDNS
The 2025 Cyber Threat Landscape Report highlights the rising concerns of nation-state attacks, AI-driven cyber threats, and insider risks impacting organizations worldwide. It also outlines strategic shifts like increased training, AI integration, and reliance on MSSPs to enhance cyber resilience. #NationStateAttacks #AIThreats #MSSP #InsiderThreats
This article emphasizes the importance of managing Windows privacy settings to control data collection and prevent leaks. It highlights tools and practices for enhancing privacy, including disabling telemetry and carefully configuring permissions. #O&OShutUp10++ #PrivacySexy
This article details a cybersecurity challenge on TryHackMe where a vulnerable TeamCity server was exploited using CVE-2024-27198 to gain remote code execution. It also covers forensic analysis with Splunk to detect attacker activities like backdoor user creation, malicious package installation, and uploaded plugins. #CVE-2024-27198 #TeamCity #Splunk #Metasploit #backdoor
This article details a cybersecurity penetration testing journey on a web application hosted on TryHackMe, highlighting methods such as port scanning, web enumeration, SQL injection, and privilege escalation. It emphasizes the importance of thorough reconnaissance, exploiting vulnerabilities like SQLi, and leveraging backup files for system access. #TryHackMe #SQLInjection
This article explains how browser automation with Selenium can be used for penetration testing by mimicking real user interactions to bypass security measures like CAPTCHAs and client-side restrictions. It details the implementation of a brute-force attack leveraging Selenium’s stealth techniques to automate login attempts and extract sensitive data. #Selenium #BruteForceAttack