Container Security Starts Before the Cloud
How I established a container image security baseline using distroless, Trivy, and GitHub Actions before touching any cloud infrastructure.
Cloud Security Engineer
Practical write-ups on AWS, Azure, GCP, containers, zero trust, and the offensive context (HTB, THM) that makes defensive choices mean something.
How I established a container image security baseline using distroless, Trivy, and GitHub Actions before touching any cloud infrastructure.
Learn how to troubleshoot IAM role assumption failures by aligning identity-based policies and trust relationships while maintaining least privilege.
A walkthrough of exploiting the AlwaysInstallElevated misconfiguration on Windows to escalate from user to SYSTEM using a malicious MSI payload.
This post is a walkthrough of the ‘Devel’ retired machine from Hack The Box. I gain initial access through an exposed FTP and WebDAV setup, then escalate …
A complete walkthrough of the LazyAdmin room on TryHackMe, demonstrating enumeration, exploitation, and privilege escalation.
This walkthrough covers the TryHackMe ‘Anonymous’ room. I gain user-level access via FTP and a writable script, capture the user flag, and escalate to root …
A step-by-step walkthrough of compromising the Dev Box from TCM Security’s PNPT training course, including detailed explanations, mitigation steps, and a comprehensive …
Overview #This walkthrough documents my experience completing the Enumeration & Brute Force room on TryHackMe. The room provides hands-on experience with various …
A detailed walkthrough of how to solve the ‘Investigating Web Attacks Challenge’ on Let’s Defend using the bWAPP web application as the victim.
As cybersecurity professionals, one of the key challenges we often face is the sheer volume of log data we need to analyze. Whether we’re hunting for anomalies, …
A dual perspective walkthrough of TryHackMe’s Linux Privilege Escalation room (Kernel Exploits), including offensive steps and defense strategies mapped to the …
Table of Contents # Introduction Understanding IPv6 DNS Takeover Mitigation Strategies Demonstration Steps Step 1: Setup NTLM Relay using LDAPS Step 2: Run MITM6 Simulate …
Introduction #In the world of network security, understanding various attack vectors is critical to safeguarding systems and data. One such attack is the SMB (Server …
Introduction #In this blog post, I discuss a common network attack called Link-Local Multicast Name Resolution (LLMNR) poisoning. This type of attack can be highly …
Earning the INE Security Junior Penetration Tester (eJPT) certification has been a significant milestone in my cybersecurity journey. In this blog post, I’ll share …
Room Link: https://app.hackthebox.com/starting-point?tier=0 Task 1 #What does the 3-letter acronym SMB stand for? Server Message Block Task 2 #What port does SMB use to …
Walkthrough of the Insecure Direct Object Reference (IDOR) room on TryHackMe, part of the Jr. Web Penetration Tester learning path. 🧭 Access the TryHackMe IDOR Room — …
Hack into a Mr. Robot themed Windows machine. Use metasploit for initial access, utilise powershell for Windows privilege escalation enumeration and learn a new technique …
A complete walkthrough of the Kenobi TryHackMe room, covering enumeration, exploiting ProFTPD, and privilege escalation using SUID PATH hijacking.
Deploy & hack into a Windows machine, exploiting a very poorly secured media server. Room Link: https://tryhackme.com/r/room/ice Task 1 - Connect #Get connected to the …
Step 1: Update Your System Install Remmina sudo apt install remmina Launch Remmina Step 4: Configure a Remote Connection
A detailed walkthrough of how to exploit the Eternal Blue vulnerability on a Windows 7 Ultimate machine, covering both manual and automated methods.
Walkthrough of TryHackMe’s Ignite room where we exploit a Remote Code Execution vulnerability in Fuel CMS 1.4.1 (CVE-2018-16763). Learn the steps of enumeration, …
Room Link: Task 2 Enumeration w/ Powerview
Introduction to Windows Event Logs and the tools to query them. # Room Link: https://tryhackme.com/r/room/windowseventlogs
Room Link: https://tryhackme.com/r/room/wiresharkthebasics Learning Objectives Task 1 - Introduction # Question: Which file is used to simulate the screenshots? Answer: …
Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal..
Room Link: https://tryhackme.com/r/room/contentdiscovery In cybersecurity, discovering hidden or non-obvious content on web servers is critical for any aspiring ethical …
Room Link: https://app.hackthebox.com/starting-point?tier=0 Task 1 - #Task 2 - #Task 3 - #
Room Link: https://tryhackme.com/r/room/walkinganapplication In the "Walking An Application" room on TryHackMe, you will learn how to manually assess a web application …
The Art of Reconnaissance: A Critical Tool in Cybersecurity # Welcome to Day 4 of my 100 Days of Cybersecurity Challenge. As I progress through this intensive learning …
Room Link: https://tryhackme.com/r/room/introtooffensivesecurity Task 1 - What is Offensive Security? # Question: Which of the following options better represents the …
Vulnerability Scanning with Tenable Nessus #🚀 Day 3 of my #100DaysOfCybersecurity challenge is all about getting hands-on with Tenable Nessus! 🕵️♂️
Configuring a DMZ Zone and Policy Using Palo Alto Firewall #On Day 2 of my #100DaysofCybersecurity challenge, I focused on enhancing defenses by making progress on my …
Vulnerability Scanning with Nmap: Network Scanning # What is Nmap and which problems does it solve in Cybersecurity? Nmap (Network Mapper) is a powerful open-source …
How to Configure DNS Settings in Microsoft Azure # Lab Guide from Microsoft Learning
Create Virtual Networks (VNets) in Azure # Lab Guide from Microsoft Learning
IAM: Configure Azure Policy #
IAM: Create Resource Manager Locks in Azure #
IAM: Configure Role-Based Access Control (RBAC) in Azure #
Learn to use Splunk for incident handling through interactive scenarios. # Room: https://tryhackme.com/r/room/splunk201 Learning Objectives and Pre-requisites Before …
Room Link: https://tryhackme.com/room/splunk101 Learning Objectives and Pre-requisites If you are new to SIEM, please complete the Introduction to SIEM. This room covers …
Vulnerability Scanning with OpenVAS: Unveiling Cybersecurity Insights # In the ever-evolving landscape of cybersecurity, staying one step ahead of potential threats is …
Room Link: https://tryhackme.com/r/room/defensivesecurity Task 1 - Introduction to Defensive Security # Learning Objectives: Offensive security primarily aims at …
Room Link: Windows Fundamentals 1 - TryHackMe Walkthrough #
Configure Network Monitoring in AWS #
Implement Security Controls in AWS #
Enable Inter-VPC Connectivity with AWS Transit Gateway #
Enable Inter-VPC Connectivity Using Peering Connections in AWS #
AWS Networking: Multi-VPC Architecture #
A beginner-friendly walkthrough of managing users, groups, and permissions in AWS Identity and Access Management (IAM).
How to Deploy a Secured Static Website on AWS # How to Deploy a Secured Static Website on AWS
Deploy an Amazon Connect Contact Center #++
Enable Session Stickiness Using an Application Load Balancer (ALB) in AWS #
Deploy and Configure Azure Firewall and Rules to Allow/Deny Access to Certain Websites # Fig.1 - Azure Premium Firewall Diagram | Image Source: Microsoft.com The Azure …
Deploy Azure Application Gateway to Direct Web Traffic #
Create Inbound NAT Rules to Connect to a Single VM in Azure (Port-Forwarding) #
Configure Azure Load Balancer #
Traffic Routing in Microsoft Azure with Network Virtual Appliacne (NVA) #
Create a Site-to-Site (S2S) VPN Connection in Microsoft Azure #
How to Create Point-to-Site VPN Connections in Microsoft Azure # Creating Azure Point to Site VPN Connections
This walkthrough details how to create secure VPN Gateway connections between two Azure Virtual Networks using VNet-to-VNet tunneling. Learn how to configure VPN …