Main TryHackMe WebSecAcademy
🔒 T3chnocr4t Cybersecurity Playground! 🔒
👋 Hi there! I’m Ogunbiyi Yusuf, but online I’m known as T3chnocr4t. I’m someone who’s learning about keeping the internet safe from bad guys. 🌐
As I learn about cybersecurity, I’m on a mission to understand how to keep websites/app and organization, safe from sneaky hackers. 🕵️♂️ Web/API security researcher.
📝 Here’s what you can expect from my blog:
-
💻 CTF Walkthroughs: I’ll guide you through steps on how I tackle various CTF challenges or labs from platforms like TryHackMe and PortSwigger.
-
📰 Article Sharing: I’ll be sharimg some articles I’ve written about the things I’ve learned
-
🧠 Learning: I’ll share new discoveries in cybersecurity to keep you informed and up-to-date.
🚀 Let’s go on this cybersecurity journey together and learn how to keep the internet a safer place!
🌐 Social Media: Follow me on:~#
Walkthrough
WebSecAcademy[Portswigger]:~#
WebSec Academy is an online platform or resource dedicated to teaching and training individuals in the field of web security.
| Writeup | Description | Date |
|---|---|---|
| LAB | Unprotected admin functionality | May 12 2024 |
| LAB | Unprotected admin functionality unpredictable URL | May 14 2024 |
| LAB | User role controlled by request parameter | May 15 2024 |
| LAB | User ID controlled by request parameter,with unpredictable user IDs | May 16 2024 |
| LAB | User ID controlled by request parameter | July 02 2024 |
| LAB | Basic SSRF against the local server | May 28 2024 |
| LAB | SSRF attacks against other back-end systems | May 29 2024 |
| LAB | Username enumeration via different responses | May 24 2024 |
| LAB | 2 Factor Authentication Simple Bypass | May 27 2024 |
| LAB | Remote code execution via web shell upload, PHP | May 22 2024 |
| LAB | All Path/Directory Traversal, URL encoding, Admin functionality | May 21 2024 |
| LAB | User ID controlled by request parameter with data leakage in redirect | July 03 2024 |
| LAB | Insecure direct object references | July 04 2024 |
| LAB | Referer-based access control | July 04 2024 |
| LAB | Information disclosure in error messages | Aug 07 2024 |
| LAB | Information disclosure on debug page | Aug 07 2024 |
| LAB | Source code disclosure via backup files | Aug 07 2024 |
| LAB | Authentication bypass via information disclosure | Aug 10 2024 |
| LAB | Infromation disclosure in version control history | Aug 10 2024 |
Tryhackme:~#
TryHackMe is an online platform that provides hands-on cybersecurity training through virtual labs, challenges, and interactive exercises.
| Writeup | Description | Date |
|---|---|---|
| ohSINT | Are you able to use open source intelligence to solve this challenge? | Feb 21 2024 |
| RootMe | A ctf for beginners, can you root me? | Mar 3 2024 |
| Searchlight | OSINT challenges in the imagery intelligence category | Mar 5 2024 |
| WebOsint | Conducting basic open source intelligence research on a website | Mar 19 2024 |
| CrackTheHash | Cracking hashes challenges | Apr 16 2024 |
| AgentSudo | You found a secret server located under the deep sea. Your task is to hack inside the server and reveal the truth. | Apr 18 2024 |
| Hackland | find out what is hacksparo is really hiding from us. | June 4 2024 |
Scripting:~#
| Writeup | Description | Date |
|---|---|---|
| Bash Scripting | Variables, echo | jan 27 2024 |
| Nmap Script | Nmap, Script | jan 29 2024 |
If you have any issues with my write-up or if you’d like to connect with me, here is my Twitter @T3chnocr4t