w1zard.com is running serverless! Yes! About eight months now actually. And it feels a bit Y2K blogging using text / code editors. But “why?” you may be asking yourself. Well, I have a few reasons here:
Kali is using Zsh as the default shell since release 2020.4, so everybody had more than enough time to overcome their grief. During the time I’ve been using it, I found out some tricks, so, here’s my version of zsh + oh-my-zsh + spaceship + plugins.
This machine is part of a challenge created by the #Becodoexploit Hacking Club. It’s available in the Tryhackme platform and also in the Vulnhub. I’ll start the setup with editing the machine’s IP into a variable and also saving it onto my hosts file.
A fundamental part during the execution of a pentest is a good communication. Have the contacts established, know the triggers and understand the reasons why you need to communicate during the ongoing security tests.
To add some quality of life when transfering files and accessing my server, I set up key based authentication. I already had my keys created as I was using them for another server.
Basic Pentesting is an easy boot2root virtual machine available at Try Hack Me. It is also available at Vulnhub. In this room we’ll practice the following skills: service enumeration linux enumeration brute forcing hash cracking We can start enumerating all the open ports.
Got bored, decided to edit and publish an old write-up. I’m going to play with a Vulnhub machine called Jarbas. Name: Jarbas: 1 Date release: 3 Apr 2018 Author: Tiago Tavares Series: Jarbas If you want to keep your hacking studies, please try out this machine!
Got some free time, booted up another Vulnhub virtual machine. This time we’ll be playing with Mr-Robot: 1. 📝 Note: Based on the show, Mr. Robot. This VM has three keys hidden in different locations.
This machine present in the private lab was made public in Vulnhub so I’m giving it another run. Would you like to keep hacking in your own lab? Try this brand new vulnerable machine!
Here goes a quick tip, but mostly a reminder to myself. After a fresh install of your favorite pentest distro, upon making a search on the Metasploit for the first time you’ll get the warning message below: