I am happy to announce I have taken and passed the CySA+ examination. While I should be relaxing, I’m finding myself in the typical position of being unable to shake the feeling I should be doing something productive, so, inspired by an article I read during my preparation for this exam, I’m…
Category: Learning
Web App Vulnerabilities – Types and Safeguarding
As we move on to preparing for the CySA+ 002 exam, I am going to be reinforcing some of my learning by documenting it. Something which I have often struggled with is web attacks and how to recognise them. This is part of objective 1.3 of the CompTIA CySA+ exam. Types of Web Attacks There are…
Analysis – MOVEit File Transfer Vulnerability
Within the cybersecurity field it is essential to be up to date with current events, especially those with potentially critical impacts to an organisation. As such, with new victims being released every day, I’ve been reading up on this vulnerability and look to cover it to reinforce the learning. What is the MOVEit vulnerability? The MOVEit…
Windows System Processes – what they are and detecting malicious intrusion or fakes
I’m currently learning the ‘Core Windows Processes’ module on TryHackMe and a topic which stuck out to me is the detection and eradication of malicious Windows processes. For the examples used in this article I have used Process Hacker. What is a malicious Windows process? Commonly deployed as part of a rootkit which compromises…
[THM] OSINT Exercise
Difficulty: Easy Objectives To start this task we are provided with an image. The image is of the Windows XP Background. Step 1 – Analysing the Image Since all we have is the image to work off we’ll start by checking the metadata of the image. A reverse image search may also pull results, however…
[PRACTICE1] – [THM EASY] – Basic Pentesting
Now we have a basic understanding of enumeration and basic exploiting, I will be starting on some practice sessions. This is one of the basic offerings by TryHackMe and provides an end goal but not instructions. Target IP: 10.10.92.53 Objectives: 1. Find the services exposed by the machine 2. Find the hidden directory 3. Brute force the username/password 4. Locate…
THM – Hacking SQL
Finishing off the extended Network Services section of TryHackMe is SQL. I will cover SQL in a later knowledge article; however, this session will focus on enumerating and exploiting improperly configured SQL servers. Note this is using MySQL. Target IP Address: 10.10.59.74 (IP changed after initial scan) Assumed login details: root:password Footprinting & Enumeration To…
THM – Enumerating and Exploiting an SMTP server
To follow up on today’s knowledge post we are doing some practice on some active footprinting, enumerating and exploiting an SMTP server. Target IP Address: 10.10.239.254 Footprinting / Enumeration So to start with we’ll run a port scan. Again for this we’ll be using nmap. Analysing the output we can see that port 22 and…
THM – Exploiting unsecured NFS
As part of the Network Services room in TryHackMe, one of the areas covered is NFS. I will cover the technology in more detail at a later point but this article is dedicated towards a practice scenario concerning how an unsecured NFS share can be exploited. To start with as always, we need to find…
THM – Exploiting FTP
As part of learning about Telnet in TryHackMe we practiced some methods in which FTP can be exploited. I have detailed one of the methods taken to do so here and how it was done. Scanning Phase To start with we ran a Nmap scan to see what open ports we had. --min-rate is used…