Daemon Of Hacking
  • WELCOME!
    • 👋/home/usr/KruKnight
  • METHODOLOGIES & RESOURCES
    • Passwords & Attacks
    • Post Exploitation
      • 👀Situational Awareness
      • 🖥️Privilege Escalation
        • Linux Privilege Escalation
        • Windows Privilege Escalation
  • Writeups
    • CyCtf 2024
      • Vending Machine
      • Aerospace
      • OhMyCell
    • Portswigger Labs
      • Authentication
        • Username enumeration via different responses
        • 2FA simple bypass
        • Password reset broken logic
        • Username enumeration via subtly different responses
        • Username enumeration via response timing
        • Broken Brute-Force Protection, IP Block
        • Username enumeration via account lock
        • 2FA broken logic
        • Brute-forcing a stay-logged-in cookie
        • Offline password cracking
        • Password reset poisoning via middleware
        • Password brute-force via password change
        • Broken brute-force protection, multiple credentials per request
      • Os Command Injection
        • OS command injection, simple case
        • Blind OS command injection with time delays
        • Blind OS command injection with output redirection
        • Blind OS command injection with out-of-band interaction
        • Blind OS command injection with out-of-band data exfiltration
      • Cross-Origin Resource Sharing (CORS)
        • CORS vulnerability with basic origin reflection
        • CORS vulnerability with trusted null origin
        • CORS vulnerability with trusted insecure protocols
      • Server-side template injection
        • Basic server-side template injection
        • Basic server-side template injection (code context)
      • Server-Side Request Forgery (SSRF)
        • Basic SSRF against the local server
        • Basic SSRF against another back-end
        • Blind SSRF with out-of-band detection
        • SSRF with blacklist-based input filter
        • SSRF with filter bypass via open redirection vulnerability
      • Path Traversal
  • 🟩HTB Writeups
    • Heal
Powered by GitBook
On this page
  • Hello!
  • Motivation
  • Happy Reading!

Was this helpful?

  1. WELCOME!

/home/usr/KruKnight

NextPasswords & Attacks

Last updated 7 days ago

Was this helpful?

Hello!

Welcome to my security blog. I'm KruKnight, and I'm here to discuss different topics about cybersecurity, with a focus on offensive security. 🥷🏿

Knowledge should be free, accessible to all, and in one place. The security community permitted me to be able to learn all of this, this is just me giving back.

Motivation

I've always believed in sharing knowledge and helping others. These notes are an excellent way for me to convey my knowledge, skill set, and a good way to share what I've learned through my experiences.

I'm a passionate and eager learner, continuously looking to expand my skills and learn new things on a daily basis.

I'm currently seeking a Penetration Tester role/internship, to expand my real-world experience in the field.

You can contact me through:

: youssefmohamed.a04@gmail.com

:

:

CV:

I'm open to feedback about any of the articles. Feel free to reach me anytime through my socials.

I hope you find a topic that interests you.

Happy Reading!

👋
https://www.linkedin.com/in/youssefmaae/
https://x.com/KruKnight
https://flowcv.com/resume/k62kua2mb5