Open in app

Sign In

Write

Sign In

malfunction-grinds
malfunction-grinds

3 Followers

Home

About

Jul 11

Simple Python script for exploiting IDOR-BOLA

python3 -c 'for i in range(1,2001): print(i)' > num.txt ``` python3 -c ‘for i in range(1,2001): print(i)’ > num.txt ``` Use case: This can be used for automated fuzzing of webpages for IDOR/BOLA. The generated numbers(or id’s) can be used with FFUF to fuzz webpages.

Python

2 min read

Simple Python script for exploiting IDOR-BOLA
Simple Python script for exploiting IDOR-BOLA
Python

2 min read


Jul 11

When installing Docker you get“failed to fetch”… BUT when you run sudo apt-get update you get “The following signatures were invalid EXPKEYSIG ED**** Kali Linux Repository <devel@kali.org>”

Issue 1: Outdated repo Issue 2: Key Signature verification Resolution: ### Download ``` wget http://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2022.1_all.deb``` ``` ### Install ``` sudo dpkg -i kali-archive-keyring_2022.1_all.deb ``` ### remove downloaded file (housecleaning) ``` rm kali-archive-keyring_2022.1_all.deb ``` ### update ``` sudo apt-get update ``` ### For Convenience: Add && after every command

Linux Tutorial

1 min read

Linux Tutorial

1 min read


Jul 11

How to Install Docker and Docker Compose on Kali Linux

### T0 check if docker is already installed ``docker — version ### Docker version 19 and up should be okay ```sudo apt install docker.io``` ### Install Docker Compose ```sudo apt install docker-compose``` ### T0 check if docker-compose version/is already installed ``docker-compose — version If ever you encounter issues installing Docker and Docker-compose related to OS/Linux: Issue 1: Outdated repo Issue 2: Key Signature verification

Docker

1 min read

Docker

1 min read


Jul 5

ISC2 Members New Benefits

As an ISC2 member you get to have access to their new training launches as one of your benefits. I recently got an email about ISC2 Skill builder. I consumed the ICS Convergence module in about 2 hours (while working). And is now taking the “Web Application Penetration Testing” module.

Burpsuite

4 min read

ISC2 Members New Benefits
ISC2 Members New Benefits
Burpsuite

4 min read


Jun 17

The SecOps Group Certified Network Security Practitioner CTF

Just woke up on a Saturday morning. While aimlessly browsing through social media (yeah not a good practice), I chanced upon this post from SecOps group in LinkedIn. I have been studying for AWS-SAA-C03 the past week. I thought that another CTF (took KC7 Blue Team CTF just last Saturday)…

6 min read

The SecOps Group Certified Network Security Practitioner CTF
The SecOps Group Certified Network Security Practitioner CTF

6 min read


Jun 12

More on the Awesome KC7 Foundation CTF

Below is a writeup (sort of) of Question 12 Section 6: Security Jeopardy REDUX. This is worth 300 points. The hint says that I need to go to KC7 discord #general channel. Upon going to the channel, it says that I have intercepted a secret transmission! yay! puzzle! …

Cyberchef

4 min read

More on the Awesome KC7 Foundation CTF
More on the Awesome KC7 Foundation CTF
Cyberchef

4 min read


Jun 11

CTF for aspiring SOC Engineers

Yesterday, June 10, 2023 EST, KC7 (https://kc7cyber.com/) held an awesome capture-the-flag event. At first, I thought it was just like another vendor-hosted event wherein they will just pool your contact details and spam you with their products and services. I logged in and connected non-chalantly. I got weirded that in…

Blue Team

4 min read

CTF for aspiring SOC Engineers
CTF for aspiring SOC Engineers
Blue Team

4 min read


Jun 5

Unveiling the Power of C2 Servers: Orchestrating Cyber Attacks

In the ever-evolving landscape of cybercrime, criminals constantly seek innovative ways to exploit and control compromised systems. One such method is through the utilization of Command and Control (C2) servers. …

2 min read

2 min read


May 28

Unveiling the Dark Art of Phishing: Tools and Techniques Revealed.

My recent talk within the company I am employed with In a world where cyber threats loom large, phishing has emerged as a dominant technique employed by malicious actors. Recently, I had the opportunity to delve into the realm of phishing during a talk, where I shed light on the…

Phishing Awareness

3 min read

Unveiling the Dark Art of Phishing: Tools and Techniques Revealed.
Unveiling the Dark Art of Phishing: Tools and Techniques Revealed.
Phishing Awareness

3 min read


May 7

What is Pentera and How Can it Improve Your Security Posture?

Pentera is a cloud-based platform that can help organizations improve their security posture by identifying and prioritizing vulnerabilities in their systems. In this post, we’ll cover the basics of Pentera and how it can help improve your organization’s security. What is Pentera? Pentera is a cloud-based platform that uses advanced…

Vapt

2 min read

Vapt

2 min read

malfunction-grinds

malfunction-grinds

3 Followers

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech

Teams