Moniker Link (CVE-2024-21413)
On February 13th, 2024, Microsoft announced a Microsoft Outlook RCE & credential leak vulnerability with the assigned CVE of CVE-2024-21413 (Moniker Link). Haifei Li of Check Point Research is credited…
On February 13th, 2024, Microsoft announced a Microsoft Outlook RCE & credential leak vulnerability with the assigned CVE of CVE-2024-21413 (Moniker Link). Haifei Li of Check Point Research is credited…
The Red Team Capstone challenge from TryHackMe is an in-depth network challenge simulating a Red Teaming engagement. The challenge includes several phases structured around the cyber kill chain that will…
Kitty from TryHackMe is a Linux machine running a web application with security vulnerabilities. We are tasked with finding the vulnerabilities and exploiting them to gain root privileges on the…
Logs are records generated by various software applications, operating systems, and network devices to keep track of events and activities. They are essential for monitoring, troubleshooting, and security analysis. Log…
This blog is based on TryHackMe's room on GitLab CVE-2023-7028. Learning Objectives Exploit a GitLab CE instance through CVE 2023-7028 How the exploit works Protection and mitigation measures What is…
Reset is a Windows machine that is part of a domain and consists of many misconfigurations. Our goal is to perform a Pentest as a Red Teamer and exploit the…
This blog is based on the HHTP Request Smuggling room from TryHackMe. What is HTTP Request Smuggling? HTTP Request Smuggling is a vulnerability that arises when there are mismatches in…
Bulletproof plugin is an easy room that deals with hardening security on the common services that run on a Linux machine. This room covers services such as FTP, MySQL, Redis, SSH,…
Umbrella from TryHackMe is a Linux machine with multiple misconfigurations. To get a foothold, we need to perform enumeration on the Docker Registry and obtain credentials for the MySQL database.…