Don't say we didn't warn you.
This is post 1 of 3 in the series “[ Auditing With the OWASP Top 10 ]” This course is designed for web developers who want to learn how their applications can be attacked, and how to remediate threats, organized around the OWASP Top 10. [ Table of Contents ]
Exploit sudo and SUID files to run your own commands.
My productivity took a big hit a few months ago when I took a bad fall and broke my hip. While I’ve still been studying and hacking, I haven’t carried forward the curriculum development I’ve been doing on this site. But that’s going to change. My idea for this site is this: to build logical, …
This is post 14 of 17 in the series “[ Hacker Night School ]” Tsuki’s capture the flag Speedruns of HackTheBox machines are WAY too fun, and addictive as candy. I’m going to use this particular vid as a test, to see how useful a full explanation is for my Hacking 101 students. Hacking Access …
Continue reading “[ Hacker Night School ] :: Tsuki CTF Pwns Access on HackTheBox”
This is post 5 of 5 in the series “[ How to Teach Hacker Highschool ]” This is the fifth unit of my course for teachers, which brings together a lot of material I generated while working as Project Manager for the Hacker Highschool v2 Rewrite Project, 2012-2016. This session helps you get started with …
Continue reading “[ How to Teach Hacker Highschool: Unit 5 ]”
This is post 13 of 17 in the series “[ Hacker Night School ]” This is a non-optional skill for anyone who manages systems, runs networks, develops software or hacks on any of these to make them work or break them. 😉 Git (in case you’re a total newb; otherwise skip this) is a code …
This is post 12 of 17 in the series “[ Hacker Night School ]” Cain & Abel is a “password recovery tool” that runs on Windows, and targets Windows. It’s actually two tools, one that sniffs the network looking for LM or NTLM passwords (and a lot of other stuff like recording VOIP calls, doing …