- 206
- 1 743 904
thehackerish
Luxembourg
Приєднався 2 січ 2020
If you are here, this means that you are either a student who wants to start a career in information security industry, or a developer who wants to secure the code you write, or a bug bounty hunter who struggles to find its way to bugs, or a penetration tester who is always hungry to discover, learn and share ideas in the wonderful land of ethical hacking.
Well, you came to the right place! This channel will serve your needs.
Well, you came to the right place! This channel will serve your needs.
Can I Hack This? InfluxDB Hacking and Docker Escape
#pentesting #ctf #hacking #cybersecurity #influx #docker
DISCLAIMER: The techniques shown here should strictly be used on targets you HAVE permission to test. NEVER hack something you don't have permission to.
In this video, I demonstrate how to hack a CTF target and get root access to the host's filesystem through leaks and misconfigurations in InfluxDB and Docker container.
Credit: Sweettooth Inc. from TryHackMe (tryhackme.com/room/sweettoothinc)
🔥Use Coupon THEHACKERISH and Get 5% discount on CRTP and other courses on www.alteredsecurity.com/ when you pay with Stripe.
🚀 🔥 Become a pentester
academy.thehackerish.com/p/from-zero-to-signing-your-first-ethical-hacker-job?
📙 Learn the technical skills:
thehackerish.com/best-hacking-websites-for-ethical-hackers/
📙 Become a successful bug bounty hunter: thehackerish.com/a-bug-bounty-hunting-journey-book
🆓 Download your FREE Web hacking LAB and starting hacking NOW: thehackerish.com/owasp-top-10-lab-vm-free
🌐 Read more on the blog: thehackerish.com
🇩 Discord: discord.gg/2ykmr2ynpf
💪🏻 Support this work: thehackerish.com/how-to-support
- Facebook Page: thehackerish
- Follow us on Twitter: thehackerish
- Listen on Anchor: anchor.fm/thehackerish
- Listen on Spotify: open.spotify.com/show/4Ht8jEbPzyZnfbIlhFG91x
- Listen on Google Podcasts: podcasts.google.com/?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy8xYTVkYTgxYy9wb2RjYXN0L3Jzcw%3D%3D
DISCLAIMER: The techniques shown here should strictly be used on targets you HAVE permission to test. NEVER hack something you don't have permission to.
In this video, I demonstrate how to hack a CTF target and get root access to the host's filesystem through leaks and misconfigurations in InfluxDB and Docker container.
Credit: Sweettooth Inc. from TryHackMe (tryhackme.com/room/sweettoothinc)
🔥Use Coupon THEHACKERISH and Get 5% discount on CRTP and other courses on www.alteredsecurity.com/ when you pay with Stripe.
🚀 🔥 Become a pentester
academy.thehackerish.com/p/from-zero-to-signing-your-first-ethical-hacker-job?
📙 Learn the technical skills:
thehackerish.com/best-hacking-websites-for-ethical-hackers/
📙 Become a successful bug bounty hunter: thehackerish.com/a-bug-bounty-hunting-journey-book
🆓 Download your FREE Web hacking LAB and starting hacking NOW: thehackerish.com/owasp-top-10-lab-vm-free
🌐 Read more on the blog: thehackerish.com
🇩 Discord: discord.gg/2ykmr2ynpf
💪🏻 Support this work: thehackerish.com/how-to-support
- Facebook Page: thehackerish
- Follow us on Twitter: thehackerish
- Listen on Anchor: anchor.fm/thehackerish
- Listen on Spotify: open.spotify.com/show/4Ht8jEbPzyZnfbIlhFG91x
- Listen on Google Podcasts: podcasts.google.com/?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy8xYTVkYTgxYy9wb2RjYXN0L3Jzcw%3D%3D
Переглядів: 3 522
Відео
I Hacked & Exposed This Fake Website for Educational Purposes - CTF
Переглядів 165 тис.9 місяців тому
#pentesting #ctf #hacking #cybersecurity #php 00:00 - intro 00:08 - Disclaimer 00:19 - Mapping 02:23 - Digging 03:24 - Attempting file read 04:30 - Interesting log 04:50 - Log poisoning 05:44 - Remote Code Execution 06:38 - Log script 07:30 - Filter Bypass 08:30 - Command injection and Privilege escalation 09:41 - Exposing the dark secret DISCLAIMER: The techniques shown here should strictly be...
I legally defaced this website.
Переглядів 502 тис.9 місяців тому
#pentesting #ctf #hacking #cybersecurity 00:00 - intro 00:33 - Disclaimer 00:43 - Mapping the website 02:15 - Directory listing 04:03 - Hidden portal 05:42 - Bruteforce 06:04 - More enumeration 06:53 - FTP access 07:12 - SSH hacking 08:22 - Another website 09:16 - Interesting file 10:59 - Read arbitrary files 14:11 - More enumeration 14:52 - Backup file with htpassword hash 15:17 - Cracked the ...
Domain Admin: Bloodhound, Mimikatz, Pass-The-Hash & Golden ticket.
Переглядів 8 тис.10 місяців тому
#pentesting #ctf #hacking #cybersecurity #activedirectory #redteaming DISCLAIMER: This video is for educational purposes ONLY. The techniques shown here should strictly be used on targets you HAVE permission to test. NEVER hack something you don't have permission to. 🔥Use Coupon THEHACKERISH and Get 5% discount on CRTP and other courses on www.alteredsecurity.com/ when you pay with Stripe. In t...
Hacked and Backdoored this website in MINUTES! NEVER try this on unauthorized targets!
Переглядів 240 тис.10 місяців тому
#pentesting #ctf #hacking #cybersecurity DISCLAIMER: The techniques shown here should strictly be used on targets you HAVE permission to test. NEVER hack something you don't have permission to. In this video, I demonstrate how I hacked a CTF target, got root, and backdoored it in just minutes. You will learn many hacking techniques along the way! Challenge from @indishell1046 🔥Use Coupon THEHAC...
4 Active Directory Attacks to become Domain Admin!
Переглядів 17 тис.11 місяців тому
#pentesting #ctf #hacking #cybersecurity #activedirectory #redteaming 🔥Use Coupon THEHACKERISH and Get 5% discount on CRTP and other courses on www.alteredsecurity.com/ In this video, I demonstrate how I hacked an Active Directory target using 4 attack paths! 🚀 🔥 Become a pentester academy.thehackerish.com/p/from-zero-to-signing-your-first-ethical-hacker-job? 📙 Learn the technical skills: theha...
HACK, Backdoor, Defend, in MINUTES!
Переглядів 4,4 тис.Рік тому
#pentesting #ctf #hacking #cybersecurity In this video, I demonstrate how I hacked a CTF target, got root, and backdoored it in just minutes. You will learn many hacking techniques along the way! 🚀 🔥 Become a pentester academy.thehackerish.com/p/from-zero-to-signing-your-first-ethical-hacker-job? 📙 Learn the technical skills: thehackerish.com/best-hacking-websites-for-ethical-hackers/ 📙 Become ...
Become Root INSTANTLY With THESE 7 Techniques! And How to Stay SAFE!
Переглядів 2,6 тис.Рік тому
#pentesting #ctf #hacking #cybersecurity 00:00 - intro 00:42 - Privesc technique 1 02:12 - Root attack 2 03:57 - Attack 3 05:40 - Technique 4 08:00 - Privilege Escalation attack 5 10:44 - Technique 6 12:22 - Attack 7 Challenges mentioned in the Video BilluB0x: ua-cam.com/video/kfS0Yi9q7mU/v-deo.html BullDog2: ua-cam.com/video/sw4ttT9kMP4/v-deo.html Born2Root: ua-cam.com/video/3VMcIuO8olQ/v-deo....
Your OLD Server is HACKED like THIS☝️Update NOW!
Переглядів 1,6 тис.Рік тому
#pentesting #ctf #hacking #sqlinjection Part 1: Available end of week Part 2: Available end of week Hey what’s up? In this video series, I will demonstrate penetration testing on a vulnerable CTF challenge named Bulldog. In this episode, I will become root and own the server. 🚀 🔥 Become a pentester academy.thehackerish.com/p/from-zero-to-signing-your-first-ethical-hacker-job? 📙 Learn the techni...
Chain 2 Bugs, Get Code Execution!
Переглядів 1,3 тис.Рік тому
#pentesting #ctf #hacking #sqlinjection Hey what’s up? In this video series, I will demonstrate penetration testing on a vulnerable CTF challenge named Bulldog. In this episode, I will chain two vulnerabilities to get a remote code execution on the server. 🚀 🔥 Become a pentester academy.thehackerish.com/p/from-zero-to-signing-your-first-ethical-hacker-job? 📙 Learn the technical skills: thehacke...
BYPASS this Tricky SQL Injection Filter - Billu Walkthrough Ep2
Переглядів 5 тис.Рік тому
#pentesting #ctf #hacking #sqlinjection Part 1: Available end of week Part 2: Available end of week Hey what’s up? In this video series, I will demonstrate penetration testing on a vulnerable CTF challenge named Bulldog. In this episode, I will bypass a SQL injection filter and a File Upload filter to gain access to a restricted admin panel and upload arbitrary data to the server. 🚀 🔥 Become a ...
Path Traversal in Action! - Billu Walkthrough Ep1
Переглядів 3,9 тис.Рік тому
#pentesting #ctf #hacking #metasploit #kalilinux #hashcat #redteaming Part 1: Available end of week Part 2: Available end of week Hey what’s up? In this video series, I will demonstrate penetration testing on a vulnerable CTF challenge named Bulldog. In this episode, I will enumerate exposed services using port scanning with nmap, perform web application testing, and exploit a Path Traversal vu...
Privilege Escalation Technique You Should Know! - Bulldog 2 Walkthrough Ep3
Переглядів 1,9 тис.Рік тому
#pentesting #ctf #hacking #metasploit #kalilinux #hashcat #redteaming Part 1: Available end of week Part 2: Available end of week Bulldog v1 Part 1: ua-cam.com/video/fKMuzyyjvLQ/v-deo.html Bulldog v1 Part 2: ua-cam.com/video/gNgclig1eX4/v-deo.html Bulldog v1 Part 3: ua-cam.com/video/Y3XiR55m-mY/v-deo.html Bulldog v1 Part 4: ua-cam.com/video/rv5Swkl521M/v-deo.html Bulldog v1 Part 5: ua-cam.com/v...
Broken Auth and Command Injection! - Bulldog 2 Walkthrough Ep2
Переглядів 1,3 тис.Рік тому
#pentesting #ctf #hacking #metasploit #kalilinux #hashcat #redteaming Part 1: Available end of week Part 2: Available end of week Bulldog v1 Part 1: ua-cam.com/video/fKMuzyyjvLQ/v-deo.html Bulldog v1 Part 2: ua-cam.com/video/gNgclig1eX4/v-deo.html Bulldog v1 Part 3: ua-cam.com/video/Y3XiR55m-mY/v-deo.html Bulldog v1 Part 4: ua-cam.com/video/rv5Swkl521M/v-deo.html Bulldog v1 Part 5: ua-cam.com/v...
Angular, API & Sign Up Bypass! - Bulldog 2 Walkthrough Ep1
Переглядів 1,7 тис.Рік тому
#pentesting #ctf #hacking #metasploit #kalilinux #hashcat #redteaming Part 1: Available end of week Part 2: Available end of week Bulldog v1 Part 1: ua-cam.com/video/fKMuzyyjvLQ/v-deo.html Bulldog v1 Part 2: ua-cam.com/video/gNgclig1eX4/v-deo.html Bulldog v1 Part 3: ua-cam.com/video/Y3XiR55m-mY/v-deo.html Bulldog v1 Part 4: ua-cam.com/video/rv5Swkl521M/v-deo.html Bulldog v1 Part 5: ua-cam.com/v...
Binary Leak, Extract Root Password! - Bulldog Walkthrough Ep5
Переглядів 720Рік тому
Binary Leak, Extract Root Password! - Bulldog Walkthrough Ep5
Get Root using a Cron job! - Bulldog Walkthrough Ep4
Переглядів 693Рік тому
Get Root using a Cron job! - Bulldog Walkthrough Ep4
Bypass RCE Filter and Gain SSH Shell - Bulldog Walkthrough Ep3
Переглядів 797Рік тому
Bypass RCE Filter and Gain SSH Shell - Bulldog Walkthrough Ep3
Recover SHA1 hashes using Cewl, john and hashcat! - Bulldog Walkthrough Ep2
Переглядів 1,3 тис.Рік тому
Recover SHA1 hashes using Cewl, john and hashcat! - Bulldog Walkthrough Ep2
Bulldog Company Got Hacked! - Bulldog Walkthrough Ep1
Переглядів 1,2 тис.Рік тому
Bulldog Company Got Hacked! - Bulldog Walkthrough Ep1
Pro FTP Backdoor! - Basic Pentesting Ep3
Переглядів 985Рік тому
Pro FTP Backdoor! - Basic Pentesting Ep3
I HACKED a Wordpress Blog - Basic Pentesting Ep2
Переглядів 1,3 тис.Рік тому
I HACKED a Wordpress Blog - Basic Pentesting Ep2
I Challenged 3 Hackers for 1 Hour in TryHackMe's King of the Hill.
Переглядів 20 тис.Рік тому
I Challenged 3 Hackers for 1 Hour in TryHackMe's King of the Hill.
Python Script Thinks and Responds using regular expressions🤖
Переглядів 446Рік тому
Python Script Thinks and Responds using regular expressions🤖
Essential Python Skills for MAXIMUM returns🤖
Переглядів 1,5 тис.Рік тому
Essential Python Skills for MAXIMUM returns🤖
🤖Quick Automation with Python and Socket🤖
Переглядів 722Рік тому
🤖Quick Automation with Python and Socket🤖
Hacking a Joomla website - Born2rootv2 Ep2
Переглядів 3,9 тис.Рік тому
Hacking a Joomla website - Born2rootv2 Ep2
As a beginner bug hunter this was very informative
Need more content from you man!
miss you
Who can check to see if a website is cheating players? If players are linked with owners ? If programs are running inside the website to give an advantage? I need someone who can see this ! Not for an advantage myself but to make sure my $$ is safe .. these players are making 6 figures a year . And I can't find anything to help me with this . I'm willing to pay, if someone is able to check this because I can't.. #1) check ownership #2) if players are linked with owners #3) if programs are running to give advantage Is there anyone that can do this? Also, I'm US based and game / skill game is U.S based out of Tenn
Hi sir.. Thank u for making this vedio ❤😊.. I'm currently learning CRTP. I wants do freelancing in as A RED TEAMer after fining CRTP cert. But i not much know about freelancing in RED TEAM. So can you tell me or make a vedio of it🙌🙂..
I can’t wait to get to this point
Please help me 😭 sir
i was trying enter site but google securities blocking me to open
Thanks a lot man! you are publishing contents for free which some folks pay to see!
Howdy, have you considered updating this guide for the new UI? I was able to find the sections needed around 3:00 in the video but it would be easier for most people if it looked like what they were seeing.
As someone who has 0 clue on whats going on this is so freaking cool i wanna learn this, whatever it is lmao
Does anyone have the link to that website?
where do i go to getto ctfs/chainz
thank you so much your videos are so informative, i recently learned how to self host a website, and i didnt know we needed to disable directory listing...
i love how all of hacking depends on weak passwords
Or strong ass computers yeah
Web app pentesting is baby-tier easy compared to say, achieving root via stack smashing
please share python code
As someone who is not doing anything this video was really helpful on finding annoying comments.
I used to do this for fun as a kid, sql injections were fun back then, also cms privilege escalation
Bruh I had that same portfolio and it got hacked lol
me who os watching not understanding shit.
In zap 2.15.0 no option dynamic ssl certificate.how can i export certificate
Options / Network / Server Certificates.
This is the most educative video so far, been going in circles
So. I’ve just noticed I’m the owner of a doman that’s not mine. Can I use it or would whomever it belongs to know
Hey man! Could u please give me an advice, got PNPT and I want to go after CRTO but should I first pass OSPC abd then go for CRTO? I don't wanna take OSCP now bcz of cost and I've herd that course material is pain in the ass 😊 What should I do?
Now i wonder if i can hack into my schools web survus and stuff
Question - why would a server not block you after being spammed with requests for all of these brute force attacks?
Great man i will share your channel with my group members 😊
tip: if you're using a web hosting service, make a backup on there and a physical one. same for a server that you personally host
I just made a portfolio with this template and the thumbnail had be scared a second
At 11:02 as soon as you realised you could access passwd, I'd have immediately been going to /home/frank/.ssh and looking for public key. Ssh access is always the goal on your radar, would save so much hassle if you can get that early
My website has no vulnerabilities, it's just HTML and a little CSS. Though there may be some on the server side (the stuff hosting the HTML and CSS files), but I'm just using something similar to GitHub pages, so I don't really have to worry about that stuff.
Which OS are you using?
Probably a linux distro like arch or sum
One of the most useless certification on the market. Fully focused on Cobalt strike wich is expensive as fk so if your company is using something else you learned nothing because all you do is customize CS. I got it but CRTP, CARTP are far far more useful, everything you learn there is translatable into the future and any environment.
Is the .env file safe, if i incert passwords there could they be hacked ??
Very underrated channel!! You got my sub
Supper easy to crack that thing u could upload a file shell.php%00%.png that will be hosted as shell.php and done ur in I dont know if thats what u did i just started watching and commented this when i saw the upload thing
Am working on python tool that automatically looks for well known vuln in given url and thats y am collecting info about most popular vulns I already learned so much and as always hacking is so much fun 🎉
Brother i am in huge trouble i need your help plz help me
where is the feil?
the URL it is not open !!!
what up with your face ...... we want to see the tools n code not your spongebob looking face
What am I looking at 😭 and how do I learn this?
Its easy bro .
Hello sir, i am a beginner. can u guide me please?
- i got remote code execution on the server ! - i should use it to learn more about the server ! Said no hacker ever
as a someone who doesn't know to protect their website, i can confirm that this guy will hack my website in 5 seconds. 😂
Great Content ...
Fail2ban is essential.
I can change there front-end our not after this ???
Someone was trying to get hacked 😂