MYSTIKO

Secrets are meant to be secret


Protected: Sauna

There is no excerpt because this is a protected post.

Protected: Cascade

There is no excerpt because this is a protected post.

My review on AWAE course and corresponding OSWE exam

I personally love The Web Application Hacker’s Handbook, since it is regarded as the Bible of black box web application security testing by many web application security researchers and bug bounty hunters. The book speaks heavily about finding security issues that… Continue Reading →

Setting up Mobile Static Code Analysis platform using Docker and MobSF

Introduction
With the advent of smartphones since 2010, Android has grown substantially as the choice of operating system for smartphones after iOS. So much so that statistics show that Android has a market coverage of 86.6% worldwide. Android… Continue Reading →

Traversexec

As usual, the Nmap scan showed only 2 ports open: port 22 and port 80. Port 80 was running the nostromo service. After a little enumeration of the nostromo service, I found an RCE exploit for it. After getting the reverse shell,… Continue Reading →

The AWAE/OSWE Journey: A Review

Students who are familiar with the PWK/OSCP understand that the field of penetration testing is broad, and at times, overwhelming because there is a lot to learn. Does the AWAE/OSWE come across as significantly less broad? Well, not exactly, because… Continue Reading →

OSCP prep

Recon
Enumerate subnet: nmap -sn 10.11.1.1/24
Fast simple scan: nmap -sS 10.11.1.111
Full complete slow scan with output: nmap -v -sT -A -T4 -p- -Pn --script vuln -oA full 10.11.1.111
Autorecon: python3 autorecon.py 10.11.1.111
OneTwoPunch: https://raw.githubusercontent.com/superkojiman/onetwopunch/master/onetwopunch.sh
onetwopunch.sh ip.txt tcp
Scan… Continue Reading →

How to secure yourself from Malware misusing VSSAdmin.exe

vssadmin.exe is an internal process of the Microsoft® Windows® Operating System from Microsoft Corporation. Vssadmin is a default Windows process that controls volume shadow copies of the documents on a given PC. These shadow copies are regularly utilized as a recovery… Continue Reading →

Sniper

As always, first an nmap scan:
root@kali:~/htb/sniper# nmap -A 10.10.10.151 -oN fullscan
Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-27 05:00 EST
Nmap scan report for sniper.htb (10.10.10.151)
Host is up (0.091s latency).
Not shown: 996 filtered ports
PORT STATE… Continue Reading →

Hackback

Hackback was a very hard retired Hack The Box machine. It’s a Windows machine and its IP is 10.10.10.128; I added it to /etc/hosts as hackback.htb. Let’s jump right in!
Nmap
As always, we will start with nmap to scan for open ports and services:… Continue Reading →


© 2020 MYSTIKO
