The following technical work is entirely credited to @infosecfacts — I was just the glorified spellchecker and keyboard monkey for this one. If you’ve got questions, feedback, or failed attempts at hacking your girlfriend’s Instagram (let’s be honest, we know you don’t have one 😉 ), direct them to Infosecfacts via the links or contact […]
Wfuzz For Skids: A Primer on Fuzzing for Nerds
What Is Fuzzing? Imagine whispering sweet, chaotic nothings into a web app’s ear just to see how it reacts. That’s fuzzing. Or more accurately: you throw malformed, unexpected, or straight-up weird input at a target, hoping something breaks, spills its guts, or at least blinks weirdly. Web fuzzing is the digital equivalent of jiggling every […]
HackTheBox – Lame Write-up
This is a walkthrough of the Lame machine from HackTheBox. Folder Setup and Nmap Scan. Results of the Nmap Scan. Anonymous FTP Access: Anonymous FTP is enabled. Use anonymous as the username when prompted. Simply press ‘Enter’ when prompted for the password without typing anything. Found nothing interesting. Type ‘exit’ to quit the FTP session. […]
Beyond Dumb Shells: Mastering Reverse Shell Stabilization
Every pentester knows that exhilarating moment when they catch a reverse shell—only to lose it seconds later by pressing “Ctrl-C” out of habit. A fragile, one-time shell is a problem, especially when certain commands require a fully interactive terminal. In this post, we’ll go beyond the usual fixes and explore powerful methods—some well-known, some lesser-known—to […]