I’m currently learning the ‘Core Windows Processes’ module on TryHackMe and a topic which stuck out to me is the detection and eradication of Malicious Windows Processes. For the examples used in this article I have used Process Hacker.
What is a malicious Windows process?
Commonly deployed as part of a rootkit which compromises…
Category: Practice
[THM] OSINT Exercise
Difficulty: Easy
Objectives
To start this task we are provided with an image. The image is of the Windows XP Background.
Step 1 – Analysing the Image
Since all we have is the image to work off, we’ll start by checking the metadata of the image. A reverse image search may also pull results, however…
[PRACTICE1] – [THM EASY] – Basic Pentesting
Now we have a basic understanding of enumeration and basic exploiting, I will be starting on some practice sessions. This is one of the basic offerings by TryHackMe and provides an end goal but not instructions.
Target IP: 10.10.92.53
Objectives:
1. Find the services exposed by the machine
2. Find the hidden directory
3. Brute force the username/password
4. Locate…
THM – Hacking SQL
Finishing off the extended Network Services section of TryHackMe is SQL. I will cover SQL in a later knowledge article; however, this session will focus on enumerating and exploiting improperly configured SQL servers. Note this is using MySQL.
Target IP Address: 10.10.59.74 (IP changed after initial scan)
Assumed login details: root:password
Footprinting & Enumeration
To…
THM – Enumerating and Exploiting a SMTP server
To follow up on today’s knowledge post we are doing some practice on active footprinting, enumerating and exploiting an SMTP server.
Target IP Address: 10.10.239.254
Footprinting / Enumeration
So to start with we’ll run a port scan. Again, for this we’ll be using nmap. Analysing the output we can see that port 22 and…
Threat Intelligence Sources
Notes from Security 601+ – Module 1.5
Threat intelligence is an essential tool for cyber security practitioners. While it’s all well and good to have a system in place to react to threats, additional work needs to be done to proactively prepare for threats BEFORE they happen. The issue is, how can a single researcher or…