Python Script With the script you can execute uploaded file and dump the database: #!/usr/bin/env python3 """ Help HTB -------- Author: Marss Date: 28 Jul, 2023 """ from argparse import Argum...

Python Script With the script you gain remote code execution like (www-data) user: #!/usr/bin/env python3 """ Academy HTB ------------ Author: Marss Date: 24 Jul, 2023 """ from argparse impor...

Python Script With the script you gain full access to machine, read files and bruteforce admin login password: #!/usr/bin/env python3 """ NodeBlog HTB ------------ Author: Marss Date: 21 Jul, ...

Python Script With the script you gain www-data access to machine: #!/usr/bin/env python3 """ TwoMillion Foothold ------------------- Author: Marss Date: 19 July, 2023 """ from argparse impor...

Mi experiencia sobre el eJPTv2 ¿Es tan sencilla como dicen? Después de adquirir el voucher del exámen en INE que contenía el nuevo curso de preparación Penetration Testing Student y 2 intentos p...

Python Script With the script you gain full access to machine: #!/usr/bin/env python3 """ Stocker Autopwn ---------------- Author: Marss Date: 24 Apr, 2022 """ from argparse import ArgumentPa...

To code! Programming logic challenges for 25 days, categorized into various difficulties and the choice to solve each challenge with your preferred language. I will publish in my repository htt...

Cyber Security in 24 days! 24 days of challenges on cybersecurity issues where each stage of a real attack process is studied. The following topics are covered: Frameworks 🔵 Log Analysis 🔵...

First CTF! Classic CTF in grous with various topics such as: Warmup, Web, Pwn, Rev, Crypto, Mobile, DevOps, Cloud, Misc, Hardware, Networking, Scripting, and Web3. As a first experience we learn...

Overview Directory Path Traversal by grafana plugin url (CVE-2021-43798) SQLite and MySQL Database enumeration (Foothold) Remote Code Execution by Consul Service Registration (Privilege Esc...