-
Accessing an Android Service from Docker Using ADB Port Forwarding
You may come across a situation where you need to access a service running within Android. This can be done using ADB port forwarding and Genymotion. However, you may experience an issue when trying to access an Android service from a remote application. This post will cover how to address...
-
OSCP Exam Guide: Preparing and Passing
I recently wrote a guide on how to prepare and pass the Offensive Security Certified Professional (OSCP) exam. The guide includes tips for the following stages: pre-OSCP, PWK labs, post-labs and exam. The guide was published on Hack South and can be found at the below link: https://hacksouth.africa/community/oscp-guide/
-
Reducing False Alarms in Snort Intrusion Detection System
When initially setting up Snort to run as an intrusion detection/prevention system, you are likely to find a large number of alerts due to activity on your network. The majority of generated alerts may be false positives. This will make it harder to find malicious traffic on your network which...
-
OSCP Enumeration Cheat Sheet
I created an enumeration cheat sheet, which I recently uploaded to GitHub. I used this cheat sheet for conducting enumeration during my OSCP journey. Additionally, this cheat sheet contains commands and tools that I used while preparing for the OSCP using platforms like Vulnhub and Hack the Box. Some of...
-
Automating Time-Based Blind SQL Injection using Bash
This post introduces a bash script that I wrote (time_blind_sqli.sh) during my OSCP journey that can be used to exploit time-based blind SQL injection in vulnerable parameters located in GET or POST requests. While the use of SQLmap is permitted in the PWK labs, it is important to understand how...