Objective Active Directory implementation can get complicated. There are many ways to configure it and many scripts that can help with automating the process. I’m going to configure Active Direct...

Initial Access - Default credentials to Apache Tomcat leads to malicious file upload Vulnerability Explanation: The webserver on port 8080 uses Apache Tomcat. The server is using default credentia...

Objective Splunk is a well-known and popular SIEM tool. In this scenario, I will be installing it on the Splunk Ubuntu Server on 192.168.10.10. In order for it to gather information from the othe...

Week 1 Purpose Ever since I began learning about cybersecurity in 2022, there has always been one concept that has stood out ahead of the rest. A word that strikes fear into the hearts of any CIS...

Initial Access - Default Credentials leads to Exposed SSH Credentials on Web Server Vulnerability Explanation: The web application, Request Tracker, on port 80 is running with default credentials....

Objective Setting up a network can be a difficult and tedious process. Especially if you have never done it before. Four main components need to be setup to create the network needed for the scen...

Initial Access - Weak Credentials + Publicly Available Exploit leads to RCE Vulnerability Explanation: The web server on port 80 is running with weak credentials admin:admin. This allows for acces...

Purpose Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It provides a centralized location for network administration and security, allowing admini...

Initial Access - Publicly Available Exploit leads to RCE Vulnerability Explanation: The web application is running, ‘request-baskets 1.2.1’ and ‘Mailtrail v0.53’, both of which have a publicly ava...

Initial Access - Publicly Available Exploit leads to RCE Vulnerability Explanation: The web application is running, ‘Searchor 2.4.0’, which has a publicly available exploit on github. Using the ex...