Something I really appreciate about this IT field is that, unlike in most of the other fields, the experts in this field, sincerely love to help newbies to be great in this field . #davidbombal #cyberinsight #Python #Python #networkprogramming #IT

Completed the #windowsprivilegeescalation room on @RealTryHackMe, but not happy about it. I don't understand any of the methods. Hopefully, the WPE course from @TCMSecurity will help me with it. I'll redo this room again in the future. Not gonna give up any time soon! #hacksei

2/2 | I've marked the topics I find hard to understand to revise later during/after the #LPE course from @TCMSecurity. Hopefully, all my doubts will be solved there. Lesson learned through this #THM room:.1. Post-exploitation enumeration. 2. Various #privilegeescalation methods.

1/2 | Happy to complete the #linuxprivilegeescalation room on @RealTryHackMe . This room is easily one of my fav rooms now. Learned & struggled a lot. I'm still working my way through the 'PATH' & 'SUDO' vectors. #tryhackme #hacksei

Happy to complete the NetSec challenge on #tryhackme. It was the last room of the module, Network Security. This particular room was a challenge to test our understanding & knowledge based on the previous rooms we have completed in this module. @RealTryHackMe #hacksei

Happy to complete 2 rooms on #tryhackme about Protocols & Servers. Lesson Learned:.1. Various ports, protocols & services, namely for emails & file transfer. 2. Insecure connection via TELNET & secure connections via TLS & SSH. 3. Sniffing attack, MITM attack & password attack.

Happy to learn about some advanced functions of #Nmap via the post port-scan room on #tryhackme. Lessons learned:.1. Service & its version detection. 2. OS detection. 3. What is & how to use NSE scripts for thorough scans. 4. Nmap output formats. @RealTryHackMe #hacksei

Happy to learn more advanced port scanning with #nmap on #tryhackme. Lessons learned:.1. trick scans: null/fin/xmas/maimon/ack/wind/custom. 2. ip & mac spoofing & decoying tricks, & zombie scan. 3. Fragmenting packets to avoid firewalls & IDS. 4. detailed, verbose & debug scans.

Glad to have completed the #Nmap port scans room on #TryHackMe. Lessons learned:.1. TCP/UDP scans & responses. 2. TCP flags & connect scans. 3. fine-tuning the ports scan, scan time, packet rates, & parallelization. @RealTryHackMe #hacksei

Happy to enhance my #Nmap knowledge and skills via the Nmap Host Discovery room on #TryHackMe. Lessons learned:.1. Subnet discovery. 2. Target enumeration. 3. Host discovery via ARP, ICMP, & TCP/UDP scans. 4. Introduced to masscan. @RealTryHackMe #hacksei

let's see if i'm lucky.

Happy to complete the active #reconnaissance room on #tryhackme. #recon.#hacksei.@RealTryHackMe

easy & fun room, as I have already learned about them. It was a good recap for me. @RealTryHackMe.#recon #hacksei.#tryhackme #reconnaissance.

Enhanced my passive #reconnaissance skills on #tryhackme. Among them are:.1. #Whois lookup, #nslookup, & dig for domain recon. 2. #DNSDumpster for subdomain recon. 3. Use to gather various pieces of info about the target's network. @RealTryHackMe.#hacksei

I've earned the Burp'ed Badge on #TryHackMe for completing the #BurpSuite module. -.#tryhackme via @realtryhackme.

Happy to complete the #burpsuite extension module on #tryhackme. Not a technical room, but good to have the knowledge about it. 1. Burp app store & extension interface. 2. #Jython integration. 3. Burp Suite API. #hacksei.@RealTryHackMe

2/2 | Lessons learned:.1. decoder: to decode/encode/hash given data. 2. comparer: compare 2 sets of data to detect a difference between them. 3. Sequencer: to evaluate the randomness of "tokens". 4. organizer: to save HTTP requests for further investigations later. #tryhackme

1/2 | Happy to learn about other modules of the #burpsuite tool via #tryhackme. Love them all, especially the #Decoder & the #Sequencer modules. Learned many things, but lack hands-on labs for the organizer. Overall, pretty good. #hacksei.@RealTryHackMe.@PortSwigger

2/2 | Lessons Learned:.1. Introduced to the #intruder module & its importance in #burpsuite. 2. Payload configs & attack types within Intruder. 3. Performed pitchfork & sniper attacks on the target system. 4. Configured a MACRO to use in the pitchfork attack. 5. Intro to #CSRF.

1/2 | Happy to complete the #intruder of #burpsuite room on #tryhackme via @tryhackme. Exploited an #IDOR #vulnerability through the sniper attack & a #CSRF vulnerability through the pitchfork attack with an added MACRO to capture the session cookie & login token.

2/2 | Lessons Learned:.1. Understanding the #repeater module of #burpsuite. 2. Acknowledged & utilized the different sections & the subsequent options within the repeater & proxy module. 3. Found & Exploited a Union-Based #SQLInjection vuln with the aid of the repeater module.