This blog will take you through understanding the practical aspects of open-source security. It’ll also help you to make your first security contribution to an open-source project!
Participating in bug bounties is a very popular way for hackers to contribute to an organizations’ security and earn a few bucks off it. Organizations announce bounty programs to invite hackers to test and hack their online assets, this helps in the improvement of their systems through a crowdsourced model.
Ever thought of securing open-source software? Is it worth it? Let us understand it through this blog!
Time is a medium-rated machine on HackTheBox created by egotisticalSW and felamos which takes us through exploiting a Java Deserialization in a JSON validator web application and abusing a cronjob with a misconfigured file permission set to gain a root shell.
Information gathering is an integral part of cybersecurity. We require enumerating our target to know any potential loopholes. Being a cybersecurity enthusiasts we use different services like Shodan, Censys and perform things like fingerprinting, Google Dorking etc. This blog will make you familiar with another great service which is Spyse.
Passage is an interesting linux machine, it takes us through exploiting an RCE in CuteNews 2.1.2 content management system to exploiting USB-Creator D-Bus interface to gain root access.