Welcome to My Cyber Security Blog, where i talk about Solution to Challenges in CTF’s I played and Labs solved

---

Main  Github 

---

CTFs:

---

• [2023 Mar, 28] PICO CTF 2023
• [2022 Nov, 15] Nahamcon CTF
• [2022 Oct, 19] WICTF
• [2022 Sept, 22] Meta CTF 2022

---

---

Reverse Engineering:

---

Crackmes:

This are simple programms writen in different languages and logics which you could use to improve your reverse engineering skills.

---

---

• [2023 May, 17] EasyCrackMe
• [2023 May, 18] GDB Basics 😄
• [2023 May, 20] Sha256 = Secure ?
• [2023 May, 20] G0l4ng_15_C00L

---

---

---

Binary Exploitation:

This are my notes on Binary Exploitation where i document challenges i solved and script i used in solving them.

Exploit Education Phoenix:

This categories of challenges introduced me to memory corruption, modification, function redirection, and eventually, executing shellcode.

---

---

• [2023 jun, 4] Stack-Zero
• [2023 jun, 5] Stack-One
• [2023 jun, 5] Stack-Two
• [2023 jun, 5] Stack-Three
• [2023 jun, 5] Stack-Four

---

• [2021 Mar, 5] PoP-Twice

---

VulnHub:

VulnHub was born to cover as many as possible, creating a catalogue of ‘stuff’ that is (legally) ‘breakable, hackable & exploitable’ - allowing you to learn in a safe environment and practise ‘stuff’ out.

---

---

• [2023 May, 18] Pandoras Box Level 1
• [2023 May, 23] Pandoras Box Level 2

---

PortsWigger LABS

---

• [2023 Jul, 22] SQLi LABS
  • lab sql injection vulnerability in where clause allowing retrieval of hidden data
  • lab sql injection vulnerability allowing login bypass
  • lab sql injection attack querying the database type and version on oracle
  • lab sql injection attack querying the database type and version on mysql and microsoft
  • lab sql injection attack listing the database contents on non oracle databases
  • lab sql injection attack listing the database contents on oracle
  • lab sql injection union attack determining the number of columns returned by the query
  • lab sql injection union attack finding a column containing text
  • lab sql injection union attack retrieving data from other tables
  • lab sql injection union attack retrieving multiple values in a single column
  • lab blind sql injection with conditional responses
  • lab blind sql injection with conditional errors
  • lab visible error based sql injection
  • lab blind sql injection with time delays
  • lab blind sql injection with time delays and information retrieval
  • lab blind sql injection with out of band interaction
  • lab blind sql injection with out of band data exfiltration
  • lab sql injection with filter bypass via xml encoding

---

• [2023 Aug, 20] Access Control Labs
  • lab-unprotected-admin-functionality
  • lab-unprotected-admin-functionality-with-unpredictable-url
  • lab-user-role-controlled-by-request-parameter
  • lab-user-role-can-be-modified-in-user-profile
  • lab-user-id-controlled-by-request-parameter
  • lab-user-id-controlled-by-request-parameter-with-unpredictable-user-ids
  • lab-user-id-controlled-by-request-parameter-with-data-leakage-in-redirect
  • lab-user-id-controlled-by-request-parameter-with-password-disclosure
  • lab-insecure-direct-object-references
  • lab-url-based-access-control-can-be-circumvented
  • lab-method-based-access-control-can-be-circumvented
  • lab-multi-step-process-with-no-access-control-on-one-step
  • lab-referer-based-access-control

---

• [ 2023 Aug, 26] Command Injection Attack Labs
  • lab-os-command-injection-simple-case
  • lab-blind-os-command-injection-with-time-delays
  • lab-blind-os-command-injection-with-output-redirection
  • lab-blind-os-command-injection-with-out-of-band-interaction
  • lab-blind-os-command-injection-with-out-of-band-data-exfiltration

---

• [ 2023 Aug, 28] Directory Traversal Attacks Labs
  • lab-file-path-traversal-simple-case
  • lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass
  • lab-file-path-traversal-traversal-sequences-stripped-non-recursively
  • lab-file-path-traversal-traversal-sequences-stripped-with-superfluous-url-decode
  • lab-file-path-traversal-validation-of-start-of-path
  • lab-file-path-traversal-validation-of-file-extension-with-null-byte-bypass
• [2023 Aug, 5] XSS LABS

---

---

Pentester LABS

---

• [2023 jul, 28] SQL Injection Lab
  • sql-injection-01
  • sql-injection-02
  • sql-injection-03
  • sql-injection-04
  • sql-injection-05
  • sql-injection-06

---

• [2023 jul, 29] Authorization Lab
  • authorization-01
  • authorization-02
  • authorization-03
  • authorization-04
  • solving-authorization-05
  • authorization-06

---

• [2023 Sept, 20] Android Lab
  • android-01
  • android-02
  • android-03
  • android-04
  • android-05
  • android-06
  • android-07
  • android-08

---

• [2023 Sept, 24] API Lab
  • api-01
  • api-02
  • api-03
  • api-04
  • api-05
  • api-06
  • solving-api-07
  • api-08

---

• [2023 Sept, 24] API Payments Lab
  • api-payments-01
  • api-payments-02
  • api-payments-03
  • api-payments-04
  • api-payments-05
  • api-payments-06
  • api-payments-07

---

• [2023 Sept, 25] Remote Code Execution Lab
  • code-execution-01
  • code-execution-02
  • code-execution-03
  • code-execution-04
  • code-execution-05
  • code-execution-06
  • code-execution-07
  • code-execution-08
  • code-execution-09
  • command-execution-01
  • command-execution-02
  • command-execution-03

---

• [2023 Sept, 28] Directory Traversal Lab
  • directory-traversal-01
  • directory-traversal-02
  • directory-traversal-03

---

• [2023 Sept, 29] Git Information Leak Lab
  • git-information-leak
  • git-information-leak-ii

---

• [2023 Sept, 30] RECON Lab
  • recon-00
  • recon-01
  • recon-02
  • recon-03
  • recon-04
  • recon-05
  • recon-06
  • recon-07
  • recon-08
  • recon-09
  • recon-10
  • recon-11
  • recon-12
  • recon-13
  • recon-14
  • recon-18
  • recon-15
  • recon-16
  • recon-17
  • recon-18
  • recon-19
  • recon-20
  • recon-21
  • recon-22
  • recon-23
  • recon-24
  • recon-25
  • recon-26

Hacktheb0x:

• [2023 oct, 14] PopCorn -LFI-

---

---

Support Or Get in touch with Me:

Reach Out and Let’s Connect! am a DM away let’s discuss hacking and cybersecurity!! .

---

---