My Blog

ACRTP

Bypass Restrictions in API Gateway

AWS

Using AWS API Gateway misconfigurations to gain unauthorized access to production environments.

ACRTP

SSRF to Pwned

AWS

Exploiting a Server-Side Request Forgery (SSRF) vulnerability to extract sensitive files from an S3 bucket.

ACRTP

Looting Public EBS Snapshots

AWS

Enumerating EBS snapshots and exfiltrating data.

ACRTP

Escalate Privileges by IAM Policy Rollback

AWS

Exploiting IAM policy version control and password-cracking zip files.

ACRTP

Assume Privileged Role with External ID

AWS

Using IAM policy and aws-enumerator to escalate privileges within an AWS environment.

ACRTP

Identifying the AWS Account ID from a Public S3 Bucket

AWS

Understanding the s3-account-search tool.

ACRTP

Hunting for Secrets in Git Repos

AWS

Discovering secrets hidden in a Git repository and using them to access an AWS S3 bucket.

ACRTP

S3 Enumeration Basics

AWS

CTF-style challenge focused on S3 enumeration and credential exfiltration.

ACRTP

Intro to AWS IAM Enumeration

AWS

Get comfortable with AWS Identity and Access Management (IAM) using the AWS CLI.

Gandalf

Prompt Hacking Gandalf AI

AI

Use prompt injection to bypass Gandalf AI.

W1seGuy

TryHackMe W1seGuy

TryHackMe

CTF-style cryptography challenge that focuses on the XOR operator.

Traverse

TryHackMe Traverse

TryHackMe

CTF-style application security challenge that includes API hacking, Python scripting, and command injection.

Uranium

TryHackMe Uranium CTF

TryHackMe

Explore OSINT, phishing, Wireshark forensics, and SUIDs.

Brooklyn Nine Nine

TryHackMe Brooklyn Nine Nine

TryHackMe

Exploiting anonymous FTP login, steganography, and Linux privilege escalation.

Attacktive Directory

TryHackMe Attacktive Directory

TryHackMe

Exploiting an Active Directory domain controller.

Looking Glass

TryHackMe Looking Glass

TryHackMe

Cryptography, Linux enumeration, lateral and vertical privilege escalation.

NerdHerd

TryHackMe NerdHerd

TryHackMe

Exploiting FTP anonymous login, SMB enumeration, Vigenère ciphers, and a Linux kernel privilege escalation.

Git Happens

TryHackMe Git Happens

TryHackMe

Enumerating a public Git repository.

Kenobi

TryHackMe Kenobi

TryHackMe

Samba enumeration, FTP exploitation, and Linux privilege escalation.

Wonderland

TryHackMe Wonderland

TryHackMe

Explore Python library hijacking, Linux enumeration, and privilege escalation.

Inclusion

TryHackMe Inclusion

TryHackMe

Practice with Local File Inclusion (LFI) attacks.

Easy Peasy

TryHackMe Easy Peasy

TryHackMe

Practice locating a hidden directory to get initial access to a vulnerable machine, and escalating privileges using a crontab.