it security
  • What is the dark web and how to access it
    First of all let’s show the differences between the part of the internet that can be indexed by traditional search engines and easily accessible from the internet and the whole other “hidden” part. The entire web is divided into the following parts: Surface Web: it is the part of the web that is easily accessible … Read more
  • Updating kernel in Gentoo Linux
    Updating kernel in Gentoo Linux The kernel is the heart of an operating system. It provides secure and controlled hardware access to running processes. It can therefore be understood how important it is, in terms of IT security, to update the kernel. Here are the commands to update the kernel in Gentoo OS. Once you … Read more
  • A little bit about Gentoo Linux
    A little bit about Gentoo Linux In my opinion one of the most fascinating linux-based operating systems is Gentoo Linux. Any respected Nerd should have managed to install and update Gentoo as well as try to solve on their own the various problems that arise during the previous two phases. The main feature of this … Read more
  • TryHackMe – Surfer writeup
    TryHackMe – Surfer writeup This is my TryHackMe – Surfer machine writeup. Scanning victim’s IP using “nmap” I find that ports 22 and 80 are open. Navigating the web site (port 80) I find a login page. Instead, using “dirb” I find many useful things including “robots.txt”. The content of “robots.txt” is: Disallow: /backup/chat.txt Then I browse “victim_IP/backup/chat.txt” … Read more
  • How to enumerate subdomains
    During a pentest on a web server it can certainly be useful to enumerate the victim’s domain to see if there are any subdomains, in order to test everything. To do this you can use the following main methods: — Dns zone transfer — With this method it is possible to take advantage of the … Read more
  • Hide malicious shell in image file
    Many times, uploading a malicious file (such as a .php reverse shell) to the victim machine, and making it work, is not so obvious. The victim’s web administrator may have set filters to help determine the types of files that can be uploaded to their server. In fact, a good web administrator allows you to … Read more
  • How to enumerate for privilege escalation
    Intro When the attacker has managed to gain shell access to the victim’s machine, it is important to immediately understand what permissions he has. In other words, the user with whom the attacker accessed the victim may not be “root” (or administrator) and therefore may not have permission to do everything on that victim’s system. … Read more
  • Why use a VPN
    VPN stands for VIRTUAL PRIVATE NETWORK. VPN is a virtual network which guarantees privacy and increases security on browsing data.
  • Create your own website with – starting from scratch
    Creating your own website is not something reserved for programmers and web designers. If you have some nice ideas that you would like to put online in the vast world of the internet, below I will list the various steps to do so, from registering a domain to finding a hosting service and installing and … Read more
  • TryHackMe – Cold VVars writeup
    TryHackMe – Cold VVars This is my TryHackMe – Cold VVars machine writeup. Scanning victim’s IP using nmap tool to see open ports the result is: Browsing on port 8082 we can see that there is a website then I decided to scan it using “dirb”. So I found “login” section: Browsing in it: After a few tries … Read more

Dark Mode
Privacy Policy Cookie Policy