Note to self: Productivity and creativity improve when focus is on self-improvement, rather than publication. Do more and get better. A periodic review should help. This page serves as a gu...

Portswigger’s SQLi module: SQLi Lab scripts for Blind SQLi: SQLi scripts Jump to: Labs Concepts SQLi Access, modify, or delete SQL data using queries. This can be escalated to compromise t...

To know how to attack, you must also know how to defend and vice versa. This Network security series is a summary of concepts I learnt from a class by a fantastic professor Dr. William Robertson. O...

Includes takeaways, and links to my Burp suite journey. Web Security Academy SQLi

main Download: VyOS Community (select legacy > ova for vmware) # for vyos conf set interfaces ethernet eth0 address 192.168.189.253/24 set interfaces ethernet eth1 address 18.0.0.253/24 set pr...

main Vmware configuration settings for the homelab setup vmware settings: Uncheck DHCP on WAN, LAN, and DMZ networks to avoid a clash between vmware and pfsense VMWare NAT (WAN) settings:...

main Gain root access on metasploitable2 Gain www-data user access: # www-data service user access: # searchsploit searchsploit apache 2.2.8 # out: Apache + PHP < 5.3.12 / < 5.4.2 - cgi-...

main Pfsense installation steps: Use the ISO, install, go with the defaults Official: Installation Walkthrough - pfSense Documentation (netgate.com) File system selection - UFS ...

Project overview: Intro: This post can help you set up a home lab on vmware. You can simulate attacks, check how a firewall/IDS works, understand the logs and network traffic, and learn more from i...

main Command and Control server over DNS Sources: TryHackMe | DNS in detail, TryHackMe | DNS Manipulation, TryHackMe | Data Exfiltration. (These sources explain ways to exfiltrate data over DNS us...