Hey Folks,
Let's start with how to exploit a JSON body which could lead to various vulnerabilities.

Most of the time, when we see that an application uses a JSON body and an Authorization token in the header, we forget about CORS, CSRF and even Broken Access Control, but always remember…


IIS 6.0 privilege escalation using impersonation

machine IP: 10.10.10.14

1. Scanning and Enumeration

Doing a basic scan with Nmap gives the results below.


Let's go beyond access to the root flag.

This machine is going to be a Windows system that is vulnerable to an exploit called EternalBlue.

EternalBlue is an exploit that allows cyber threat actors to remotely execute arbitrary code and gain access to a network by sending specially crafted…


Hello all, this is a great time to start OSCP preparation with the latest Hack The Box OSCP-like VMs.

The first box we are going to solve is Lame, so let's start with the basics.

machine IP: 10.10.10.3

1. Scanning and Enumeration

Doing a basic port scan with Nmap with…
