Hinge is a dating application for android and iOS devices launched in 2013. Like its competitors Tinder and Bumble, it enables users to search through a database of other users and match with potential dating partners. Offering features to create unique profiles, integrate with existing social platforms, and chat with…

Legacy is an easy level retired capture the flag machine from Hack the Box. This writeup will describe the techniques I used to bypass security controls and gain root access to the machine. Getting Started The first thing i did was conduct a basic nmap scan to search for the top 200…

The eLearnSecurity Junior Penetration Tester certification, commonly referred to as the eJPT, is a great certification for anyone with basic information security skills looking to get into penetration testing. …

Hinge is dating application for android and iOS devices launched in 2013. Like its competitors Tinder and Bumble, it enables users to search through a database of other users and match with potential dating partners. Offering features to create unique profiles, integrate with existing social platforms, and chat with other…

Overview VulnUni is a CTF challenge hosted on VulnHub and created by @emaragkos. It is a boot2root web application challenge that focuses on SQL injection vulnerabilities and linux privilege escalation. To solve this challenge, I used an unauthenticated blind SQL injection vulnerability, a php bind shell upload, and a linux kernel…

Introduction Simple CTF is a boot to root challenge curtesy of SecTalks. It can be found on VulnHub or on the SecTalk GitHub page . The challenge focuses on web application vulnerabilities, with one flag located in the root/flag directory. To complete this CTF, I used the latest distribution of Kali…

Overview Hackme is a CTF challenge which primarily focuses on web application testing. The challenge can be downloaded from VulnHub. To complete this challenge, I used VMware Fusion for virtualization and Kali Linux as my attack machine. Overall, hackme tested a small base of web application testing skills like SQL injection…