Introduction This article is a part of the Web Exploitation series. You can check the other articles in the series below. Web Exploitation Now, let’s get started! What is Command Injection?...

Introduction This article is a part of the Web Exploitation series. You can check the other articles in the series below. Web Exploitation Now, let’s get started! What is Server Side Reques...

Introduction This article is a part of the Web Exploitation series. You can check the other articles in the series below. Web Exploitation Now, let’s get started! What is SQL Injection? SQ...

Introduction to Web Exploitation Web exploitation involves identifying and exploiting vulnerabilities in web applications and websites. In Capture the Flag (CTF) competitions, these vulnerabilitie...

Introduction This article is a part of the Web Exploitation series. You can check the other articles in the series below. Web Exploitation Now, let’s get started! What is Cross-Site Scripti...

In this write-up, we will explore how to tackle the Lame machine from HackTheBox. Lame is an easy-level machine that was released on 14th March 2017 and runs on Linux. Our objective is to exploit a...

Introduction The HackTheBox weekly machine named Photobomb was relatively easy to exploit. The first step involved discovering the login credentials by analyzing a JavaScript file. Once I gained ...

I’ll cover the fundamentals of Linux security and how attackers target Linux machines. Before we dive into securing Linux systems, it’s important to understand the Linux permissions model. Underst...