‘THM Challenge’ is a WebApp that I wrote to send along with my CV to TryHackMe when they were recruiting Content Engineers
whoamiMy name is Jay and I'm studying CyberSecurity with a focus on Red Team operations.
I find that I'm able to retain information a little easier if I write it down as if I'm trying to teach someone how to do it. So this is basically a culmination of all of my notes presented in a 'how-to' or 'teaching' format.
As time goes on you'll be able to find things like Box and CTF Challenge Writeups, cheatsheets I've written for myself, projects I'm working on and even some articles on tools/concepts that I come across as I learn.
Feel free to contact me on Twitter!
Granny & Grandpa are a pair of identical easy rated boxes on Hack the Box. We’ll use metasploit to exploit a buffer overflow in IIS 6.0/WebDav for access and a kernel exploit for privesc
‘Optimum’ is an easy rated box on Hack the Box. We’ll exploit a vulnerable version of HttpFileServer for access and use Windows Exploit Suggester to find a kernel exploit for privesc
‘Bashed’ is an easy rated box on Hack the Box. We’ll use gobuster to uncover some hidden directories on a webserver, use a custom bash/php client to gain a shell and exploit a script being run as a cronjob for root
‘Nibbles’ is an easy rate box on Hack The Box. We’ll use gobuster to enumerate the ‘Nibbleblog’ platform, burpsuite’s intruder for bruteforcing a login and a public exploit for the initial shell.