<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Blog on Notes by Nisha</title><link>https://notesbynisha.com/categories/blog/</link><description>Recent content in Blog on Notes by Nisha</description><generator>Hugo</generator><language>en</language><copyright>&amp;copy; 2026 Nisha</copyright><lastBuildDate>Tue, 22 Apr 2025 00:00:00 +0000</lastBuildDate><atom:link href="https://notesbynisha.com/categories/blog/index.xml" rel="self" type="application/rss+xml"/><item><title>Devel Rooted: A Hack The Box Walkthrough</title><link>https://notesbynisha.com/posts/2025-04-22-devel-rooted-walkthrough/</link><pubDate>Tue, 22 Apr 2025 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2025-04-22-devel-rooted-walkthrough/</guid><description>This post is a walkthrough of the &amp;lsquo;Devel&amp;rsquo; retired machine from Hack The Box. I gain initial access through an exposed FTP and WebDAV setup, then escalate privileges using MS15-051.</description></item><item><title>LazyAdmin TryHackMe Walkthrough</title><link>https://notesbynisha.com/posts/2025-03-27-lazyadmin-tryhackme-walkthrough/</link><pubDate>Thu, 27 Mar 2025 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2025-03-27-lazyadmin-tryhackme-walkthrough/</guid><description>A complete walkthrough of the LazyAdmin room on TryHackMe, demonstrating enumeration, exploitation, and privilege escalation.</description></item><item><title>Anonymous Rooted: A TryHackMe Walkthrough</title><link>https://notesbynisha.com/posts/2025-03-03-anonymous-rooted/</link><pubDate>Mon, 03 Mar 2025 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2025-03-03-anonymous-rooted/</guid><description>This walkthrough covers the TryHackMe &amp;lsquo;Anonymous&amp;rsquo; room. I gain user-level access via FTP and a writable script, capture the user flag, and escalate to root via a SUID misconfiguration.</description></item><item><title>Compromising the Dev Box: A PNPT Walkthrough with Mitigation and MITRE ATT&amp;CK Mapping</title><link>https://notesbynisha.com/posts/2024-12-07-devbox-pnpt-walkthrough/</link><pubDate>Sat, 07 Dec 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-12-07-devbox-pnpt-walkthrough/</guid><description>A step-by-step walkthrough of compromising the Dev Box from TCM Security’s PNPT training course, including detailed explanations, mitigation steps, and a comprehensive mapping to MITRE ATT&amp;amp;CK tactics and techniques.</description></item><item><title>TryHackMe: Enumeration &amp; Brute Force Room Walkthrough</title><link>https://notesbynisha.com/posts/2024-11-21-enumeration-brute-force-tryhackme/</link><pubDate>Thu, 21 Nov 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-11-21-enumeration-brute-force-tryhackme/</guid><description>&lt;h2 id="overview" class="relative group">Overview &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#overview" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>This walkthrough documents my experience completing the &lt;strong>Enumeration &amp;amp; Brute Force&lt;/strong> room on TryHackMe. The room provides hands-on experience with various enumeration techniques, brute force attacks, and web application vulnerability exploitation. This write-up details my approach to each task and the key learning points along the way.&lt;/p></description></item><item><title>Investigate Web Attacks Challenge Walkthrough (Let's Defend)</title><link>https://notesbynisha.com/posts/2024-10-16-investigate-web-attacks-lets-defend-walkthrough/</link><pubDate>Wed, 16 Oct 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-10-16-investigate-web-attacks-lets-defend-walkthrough/</guid><description>A detailed walkthrough of how to solve the &amp;lsquo;Investigating Web Attacks Challenge&amp;rsquo; on Let&amp;rsquo;s Defend using the bWAPP web application as the victim.</description></item><item><title>Exploring Splunk Data Administration: Parsing, Event Line Breaking, and Data Privacy</title><link>https://notesbynisha.com/posts/2024-10-13-splunk-data-administration-parsing-phase/</link><pubDate>Sun, 13 Oct 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-10-13-splunk-data-administration-parsing-phase/</guid><description>&lt;p>As cybersecurity professionals, one of the key challenges we often face is the sheer volume of log data we need to analyze. Whether we&amp;rsquo;re hunting for anomalies, investigating security incidents, or just keeping an eye on our network’s health, efficiently processing log data is important. I recently had the opportunity to further explore Splunk Data Administration, specifically the &lt;strong>Parsing Phase&lt;/strong> and &lt;strong>Data Preview&lt;/strong>—two areas that fundamentally shape how Splunk processes incoming data and prepares it for analysis. In this post, I&amp;rsquo;ll share what I learned and how these skills relate to my daily work.&lt;/p></description></item><item><title>Escalate and Defend: Linux Kernel Exploit Walkthrough</title><link>https://notesbynisha.com/posts/2024-10-11-escalate-and-defend-linux-kernel-exploit/</link><pubDate>Fri, 11 Oct 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-10-11-escalate-and-defend-linux-kernel-exploit/</guid><description>A dual perspective walkthrough of TryHackMe&amp;rsquo;s Linux Privilege Escalation room (Kernel Exploits), including offensive steps and defense strategies mapped to the MITRE ATT&amp;amp;CK Framework.</description></item><item><title>IPv6 DNS Takeover with MITM6 in an Active Directory Environment</title><link>https://notesbynisha.com/posts/2024-07-26-ad-attack-ipv6-dns-takeover-via-mitm6/</link><pubDate>Mon, 22 Jul 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-26-ad-attack-ipv6-dns-takeover-via-mitm6/</guid><description>&lt;h2 id="table-of-contents" class="relative group">Table of Contents &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#table-of-contents" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;ol>
&lt;li>&lt;a href="#introduction">Introduction&lt;/a>&lt;/li>
&lt;li>&lt;a href="#understanding-ipv6-dns-takeover">Understanding IPv6 DNS Takeover&lt;/a>&lt;/li>
&lt;li>&lt;a href="#mitigation-strategies">Mitigation Strategies&lt;/a>&lt;/li>
&lt;li>&lt;a href="#demonstration-steps">Demonstration Steps&lt;/a>
&lt;ul>
&lt;li>&lt;a href="#step-1-setup-ntlm-relay-using-ldaps">Step 1: Setup NTLM Relay using LDAPS&lt;/a>&lt;/li>
&lt;li>&lt;a href="#step-2-run-mitm6">Step 2: Run MITM6&lt;/a>&lt;/li>
&lt;li>&lt;a href="#simulate-event-and-capture-data">Simulate Event and Capture Data&lt;/a>&lt;/li>
&lt;li>&lt;a href="#simulate-login-and-gain-access">Simulate Login and Gain Access&lt;/a>&lt;/li>
&lt;/ul>
&lt;/li>
&lt;li>&lt;a href="#conclusion">Conclusion&lt;/a>&lt;/li>
&lt;/ol>
&lt;h2 id="introduction" class="relative group">Introduction &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#introduction" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>In this blog post, I will walk you through a demonstration of an IPv6 DNS takeover attack using the mitm6 (Man in the Middle for IPv6) tool in an Active Directory (AD) pentesting environment. This type of attack exploits weaknesses in the network&amp;rsquo;s handling of IPv6, allowing an attacker to become a Man-in-the-Middle (MITM) and relay NTLM authentication requests to a Domain Controller (DC).&lt;/p></description></item><item><title>Understanding SMB Relay Attacks and Mitigation Techniques</title><link>https://notesbynisha.com/posts/2024-07-22-understanding-smb-relay-attacks-and-mitigation-techniques/</link><pubDate>Mon, 22 Jul 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-22-understanding-smb-relay-attacks-and-mitigation-techniques/</guid><description>&lt;h2 id="introduction" class="relative group">Introduction &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#introduction" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>In the world of network security, understanding various attack vectors is critical to safeguarding systems and data. One such attack is the SMB (Server Message Block) Relay attack, which exploits vulnerabilities in the SMB protocol commonly used in Windows environments. This article will explore what an SMB Relay attack is, the steps involved in executing such an attack, and mitigation strategies to reduce the associated risks. Additionally, I will include screenshots and steps from my lab demonstration using the Responder tool and NTLM Relay X.&lt;/p></description></item><item><title>Understanding SMB Relay Attacks and Mitigation Techniques</title><link>https://notesbynisha.com/posts/2024-07-28-passback-attacks/</link><pubDate>Mon, 22 Jul 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-28-passback-attacks/</guid><description/></item><item><title>Understanding LLMNR Poisoning and Mitigation Techniques</title><link>https://notesbynisha.com/posts/2024-07-21-understanding-llmnr-poisoning-attacks/</link><pubDate>Sun, 21 Jul 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-21-understanding-llmnr-poisoning-attacks/</guid><description>&lt;h2 id="introduction" class="relative group">Introduction &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#introduction" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>In this blog post, I discuss a common network attack called Link-Local Multicast Name Resolution (LLMNR) poisoning. This type of attack can be highly effective in capturing NTLMv2 hashes, which can then be used to gain unauthorized access to systems in a Windows environment. I will also share insights on how to mitigate this this type of vulnerability attack, ensuring your network remains secure. To illustrate this attack, I have included screenshots from my recent lab demonstration where I successfully captured NTLMv2 hashes using Responder.
&lt;img src="https://notesbynisha.com/assets/images/tcm-academy/tcm-llmnr-1.png">&lt;/p></description></item><item><title>Dancing - HTB Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2024-07-05-dancing-htb-walkthrough/</link><pubDate>Fri, 05 Jul 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-05-dancing-htb-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://app.hackthebox.com/starting-point?tier=0" target="_blank">&lt;a href="https://app.hackthebox.com/starting-point?tier=0" target="_blank" rel="noreferrer">https://app.hackthebox.com/starting-point?tier=0&lt;/a>&lt;/a>&lt;/p>
&lt;h2 id="task-1" class="relative group">Task 1 &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>What does the 3-letter acronym SMB stand for?&lt;/p>
&lt;p>Server Message Block&lt;/p>
&lt;h2 id="task-2" class="relative group">Task 2 &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-2" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>What port does SMB use to operate at?&lt;/p></description></item><item><title>TryHackMe IDOR Room Walkthrough</title><link>https://notesbynisha.com/posts/2024-06-29-idor-thm/</link><pubDate>Sat, 29 Jun 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-06-29-idor-thm/</guid><description>&lt;blockquote>
&lt;p>Walkthrough of the &lt;strong>Insecure Direct Object Reference (IDOR)&lt;/strong> room on TryHackMe, part of the Jr. Web Penetration Tester learning path.&lt;/p>&lt;/blockquote>
&lt;p>🧭 &lt;a href="https://tryhackme.com/room/idor" target="_blank" rel="noreferrer">Access the TryHackMe IDOR Room&lt;/a> — Complete this room to practice real-world exploitation of Insecure Direct Object References in a safe lab environment.&lt;/p></description></item><item><title>Steel Mountain - TryHackMe Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2024-06-16-steel-mountain-thm-walkthrough/</link><pubDate>Sun, 16 Jun 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-06-16-steel-mountain-thm-walkthrough/</guid><description>Hack into a Mr. Robot themed Windows machine. Use metasploit for initial access, utilise powershell for Windows privilege escalation enumeration and learn a new technique to get Administrator access.</description></item><item><title>Hacking Kenobi: From Anonymous Access to Root like a Rebel</title><link>https://notesbynisha.com/posts/2024-06-14-hacking-kenobi-tryhackme/</link><pubDate>Fri, 14 Jun 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-06-14-hacking-kenobi-tryhackme/</guid><description>A complete walkthrough of the Kenobi TryHackMe room, covering enumeration, exploiting ProFTPD, and privilege escalation using SUID PATH hijacking.</description></item><item><title>TryHackMe Ice - Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2024-06-04-ice-tryhackme-walkthrough/</link><pubDate>Tue, 04 Jun 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-06-04-ice-tryhackme-walkthrough/</guid><description>&lt;h5>Deploy &amp; hack into a Windows machine, exploiting a very poorly secured media server. &lt;/h5>
&lt;img src="https://notesbynisha.com/assets/images/thm/thm-ice-1.png">
&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/ice"> &lt;a href="https://tryhackme.com/r/room/ice" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/ice&lt;/a>&lt;/a>&lt;/p>
&lt;h2 id="task-1---connect" class="relative group">Task 1 - Connect &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1---connect" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>Get connected to the TryHackMe network using OpenVPN. Make sure to first download your configuration file from &lt;a href="http://tryhackme.com/access ">your access page. &lt;/a>&lt;/p></description></item><item><title>How to Install Remmina on Kali Linux</title><link>https://notesbynisha.com/posts/2024-04-14-how-to-install-remmina-on-kali-linux/</link><pubDate>Sun, 14 Apr 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-04-14-how-to-install-remmina-on-kali-linux/</guid><description>&lt;p>Step 1: Update Your System&lt;/p>
&lt;img src="https://notesbynisha.com/assets/images/remmina1.PNG">
&lt;ol start="2">
&lt;li>Install Remmina&lt;/li>
&lt;/ol>
&lt;p>sudo apt install remmina&lt;/p>
&lt;img src="https://notesbynisha.com/assets/images/remmina2.PNG">
&lt;ol start="3">
&lt;li>Launch Remmina&lt;/li>
&lt;/ol>
&lt;img src="https://notesbynisha.com/assets/images/remmina3.PNG">
&lt;img src="https://notesbynisha.com/assets/images/remmina4.PNG">
&lt;p>Step 4: Configure a Remote Connection&lt;/p></description></item><item><title>Rooting the Academy Box: A Practical Ethical Hacking Walkthrough</title><link>https://notesbynisha.com/posts/2024-03-19-rooting-the-academy-box-walkthrough/</link><pubDate>Tue, 19 Mar 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-03-19-rooting-the-academy-box-walkthrough/</guid><description>&lt;blockquote>
&lt;/blockquote></description></item><item><title>Exploiting EternalBlue (MS17-010): A Walkthrough and Protection Measures</title><link>https://notesbynisha.com/posts/2024-03-18-exploiting-eternal-blue-walkthrough-protection/</link><pubDate>Mon, 18 Mar 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-03-18-exploiting-eternal-blue-walkthrough-protection/</guid><description>A detailed walkthrough of how to exploit the Eternal Blue vulnerability on a Windows 7 Ultimate machine, covering both manual and automated methods.</description></item><item><title>TryHackMe Ignite Room Walkthrough: Exploiting Fuel CMS 1.4.1 RCE</title><link>https://notesbynisha.com/posts/2024-07-02-ignite-tryhackme-walkthrough/</link><pubDate>Sun, 17 Mar 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-02-ignite-tryhackme-walkthrough/</guid><description>Walkthrough of TryHackMe&amp;rsquo;s Ignite room where we exploit a Remote Code Execution vulnerability in Fuel CMS 1.4.1 (CVE-2018-16763). Learn the steps of enumeration, exploitation, privilege escalation, and defense strategies.</description></item><item><title>TryHackMe Walkthough - Post-Exploitation Basics</title><link>https://notesbynisha.com/posts/2024-02-15-post-exploitation-basics-thm-walkthrough/</link><pubDate>Thu, 15 Feb 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-02-15-post-exploitation-basics-thm-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong>
Task 2 Enumeration w/ Powerview&lt;/p></description></item><item><title>Windows Event Logs (TryHackMe Walkthrough)</title><link>https://notesbynisha.com/posts/2023-12-24-windows-event-logs-thm/</link><pubDate>Sun, 24 Dec 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-12-24-windows-event-logs-thm/</guid><description>&lt;h3 id="introduction-to-windows-event-logs-and-the-tools-to-query-them" class="relative group">Introduction to Windows Event Logs and the tools to query them. &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#introduction-to-windows-event-logs-and-the-tools-to-query-them" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h3>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/windowseventlogs" target="_blank" rel="noopener noreferrer"> &lt;a href="https://tryhackme.com/r/room/windowseventlogs" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/windowseventlogs&lt;/a>&lt;/a>&lt;/p></description></item><item><title>Wireshark: The Basics - THM Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-12-05-wireshark-basics/</link><pubDate>Tue, 05 Dec 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-12-05-wireshark-basics/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/wiresharkthebasics" target="_blank">&lt;a href="https://tryhackme.com/r/room/wiresharkthebasics" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/wiresharkthebasics&lt;/a>&lt;/a>&lt;/p>
&lt;p>&lt;strong>Learning Objectives&lt;/strong>&lt;/p>
&lt;h2 id="task-1---introduction" class="relative group">Task 1 - Introduction &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1---introduction" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>
 &lt;strong>Question: Which file is used to simulate the screenshots?&lt;/strong>
 &lt;em> Answer: http1.pcapng &lt;/em>&lt;/br>
&lt;pre>&lt;code>&amp;lt;strong&amp;gt;Question: Which file is used to answer the questions? &amp;lt;/strong&amp;gt;
&amp;lt;em&amp;gt; Answer: Exercise.pcapng &amp;lt;/em&amp;gt;&amp;lt;/br&amp;gt;
&lt;/code>&lt;/pre>
&lt;/p></description></item><item><title>Linux Fundamentals I - TryHackMe Walkthrough By Nisha</title><link>https://notesbynisha.com/posts/2023-11-19-linux-fundamentals-1-thm/</link><pubDate>Sun, 19 Nov 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-11-19-linux-fundamentals-1-thm/</guid><description>Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal..</description></item><item><title>Content Discovery - THM Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-10-13-content-discovery-thm-walkthough/</link><pubDate>Fri, 13 Oct 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-10-13-content-discovery-thm-walkthough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/contentdiscovery" target="_blank">&lt;a href="https://tryhackme.com/r/room/contentdiscovery" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/contentdiscovery&lt;/a>&lt;/a>&lt;/p>
&lt;p>
&lt;p>In cybersecurity, discovering hidden or non-obvious content on web servers is critical for any aspiring ethical hacker. The &amp;ldquo;Content Discovery&amp;rdquo; room on TryHackMe offers a detailed, hands-on approach to mastering techniques for uncovering various types of web content that can reveal vulnerabilities or sensitive data. Ideal for learners looking to deepen their web penetration testing skills, this room enhances the ability to pinpoint potential entry points on a target website.&lt;/p></description></item><item><title>Meow - HTB Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-09-28-meow-htb-walkthrough/</link><pubDate>Thu, 28 Sep 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-09-28-meow-htb-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://app.hackthebox.com/starting-point?tier=0" target="_blank">&lt;a href="https://app.hackthebox.com/starting-point?tier=0" target="_blank" rel="noreferrer">https://app.hackthebox.com/starting-point?tier=0&lt;/a>&lt;/a>&lt;/p>
&lt;h2 id="task-1--" class="relative group">Task 1 - &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1--" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;h2 id="task-2--" class="relative group">Task 2 - &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-2--" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;h2 id="task-3--" class="relative group">Task 3 - &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-3--" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;img src="https://notesbynisha.com/assets/images/htb/htb-meow-1.png">
&lt;img src="https://notesbynisha.com/assets/images/htb/htb-meow-2.png"></description></item><item><title>Walking An Application - THM Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-09-27-walking-an-application-thm-walkthrough/</link><pubDate>Wed, 27 Sep 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-09-27-walking-an-application-thm-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/walkinganapplication" target="_blank">&lt;a href="https://tryhackme.com/r/room/walkinganapplication" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/walkinganapplication&lt;/a>&lt;/a>&lt;/p>
&lt;p>In the "Walking An Application" room on TryHackMe, you will learn how to manually assess a web application for security vulnerabilities using only the built-in tools available in your web browser. Automated security tools and scripts often miss many potential vulnerabilities and valuable information. This room emphasizes the importance of manual review to identify and understand these overlooked issues.&lt;/p></description></item><item><title>The Art of Reconnaissance in Cybersecurity</title><link>https://notesbynisha.com/posts/2023-09-19-the-art-of-reconnaissance-in-cybersecurity/</link><pubDate>Tue, 19 Sep 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-09-19-the-art-of-reconnaissance-in-cybersecurity/</guid><description>&lt;h2 id="the-art-of-reconnaissance-a-critical-tool-in-cybersecurity" class="relative group">The Art of Reconnaissance: A Critical Tool in Cybersecurity &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#the-art-of-reconnaissance-a-critical-tool-in-cybersecurity" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;img src="https://notesbynisha.com/assets/images/5 - Reconnaissance.png">
&lt;p>Welcome to Day 4 of my &lt;b>100 Days of Cybersecurity Challenge&lt;/b>. As I progress through this intensive learning journey, I’m thrilled to share some insights into one of the most critical aspects of cybersecurity: reconnaissance.&lt;/p></description></item><item><title>Introduction to Offensive Security - THM Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-09-18-intro-to-offensive-security-thm-walkthrough/</link><pubDate>Mon, 18 Sep 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-09-18-intro-to-offensive-security-thm-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/introtooffensivesecurity" target="_blank">&lt;a href="https://tryhackme.com/r/room/introtooffensivesecurity" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/introtooffensivesecurity&lt;/a>&lt;/a>&lt;/p>
&lt;h2 id="task-1---what-is-offensive-security" class="relative group">Task 1 - What is Offensive Security? &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1---what-is-offensive-security" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>&lt;strong> Question: Which of the following options better represents the process where you simulate a hacker&amp;rsquo;s actions to find vulnerabilities in a system? &lt;/strong> &lt;br>&lt;/p></description></item><item><title>How to Create Configure a DMZ on Palo Alto FIrewall</title><link>https://notesbynisha.com/posts/2023-09-16-configuring-dmz-with-palo-alto-firewall/</link><pubDate>Sat, 16 Sep 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-09-16-configuring-dmz-with-palo-alto-firewall/</guid><description>&lt;h3 id="configuring-a-dmz-zone-and-policy-using-palo-alto-firewall" class="relative group">Configuring a DMZ Zone and Policy Using Palo Alto Firewall &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#configuring-a-dmz-zone-and-policy-using-palo-alto-firewall" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h3>&lt;p>On Day 2 of my #100DaysofCybersecurity challenge, I focused on enhancing defenses by making progress on my Palo Alto Firewall lab.&lt;/p></description></item><item><title>How to Configure DNS Settings in Microsoft Azure</title><link>https://notesbynisha.com/posts/2023-08-03-configure-dns-settings-in-azure/</link><pubDate>Thu, 03 Aug 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-08-03-configure-dns-settings-in-azure/</guid><description>&lt;h2 id="how-to-configure-dns-settings-in-microsoft-azure" class="relative group">How to Configure DNS Settings in Microsoft Azure &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#how-to-configure-dns-settings-in-microsoft-azure" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;iframe width="560" height="315" src="https://www.youtube.com/embed/3wjQhngR_hM?si=haAlUC4PZjPCe0Qx" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowfullscreen>&lt;/iframe>
&lt;p>&lt;a href="https://microsoftlearning.github.io/AZ-700-Designing-and-Implementing-Microsoft-Azure-Networking-Solutions/Instructions/Exercises/M01-Unit%206%20Configure%20DNS%20settings%20in%20Azure.html"> Lab Guide from Microsoft Learning &lt;/a>&lt;/p></description></item><item><title>Incident Handling With Splunk / Splunk 201 (TryHackMe Walkthrough)</title><link>https://notesbynisha.com/posts/2023-07-22-incident-handling-with-splunk-thm-walkthrough/</link><pubDate>Sat, 22 Jul 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-07-22-incident-handling-with-splunk-thm-walkthrough/</guid><description>&lt;h3 id="learn-to-use-splunk-for-incident-handling-through-interactive-scenarios" class="relative group">Learn to use Splunk for incident handling through interactive scenarios. &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#learn-to-use-splunk-for-incident-handling-through-interactive-scenarios" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h3>&lt;img src="https://notesbynisha.com/assets/images/thm_splunk_incident_handling.PNG">
Room:&lt;a href="https://tryhackme.com/r/room/splunk201"> https://tryhackme.com/r/room/splunk201&lt;/a>
&lt;h4>Learning Objectives and Pre-requisites&lt;/h4>
Before going through this room, it is expected that the participants will have a basic understanding of Splunk. If not, consider going through this room, Splunk 101 (https://tryhackme.com/jr/splunk101).
&lt;ul>
	&lt;li>Learn how to leverage OSINT sites during an investigation&lt;/li>
	&lt;li>How to map Attacker's activities to Cyber Kill Chain Phases&lt;/li>
	&lt;li>How to utilize effective Splunk searches to investigate logs&lt;/li>
 &lt;li>Understand the importance of host-centric and network-centric log sources&lt;/li>
&lt;/ul>
&lt;h5>Task 1 Introduction: Incident Handling &lt;/h5>
&lt;p>&lt;strong> Q: Read the above and continue to the next task. &lt;/strong> &lt;br>
&lt;em> Answer: No answer needed &lt;/em>&lt;/p></description></item><item><title>Splunk Basics / Splunk 101 (TryHackMe Walkthrough)</title><link>https://notesbynisha.com/posts/2023-07-15-splunk-basics-thm-walkthrough/</link><pubDate>Sat, 15 Jul 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-07-15-splunk-basics-thm-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/room/splunk101" target="_blank" rel="noopener noreferrer"> &lt;a href="https://tryhackme.com/room/splunk101" target="_blank" rel="noreferrer">https://tryhackme.com/room/splunk101&lt;/a>&lt;/a>&lt;/p>
&lt;div style="position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;">
 &lt;iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen" loading="eager" referrerpolicy="strict-origin-when-cross-origin" src="https://www.youtube.com/embed/zyaof9kP54I?autoplay=0&amp;amp;controls=1&amp;amp;end=0&amp;amp;loop=0&amp;amp;mute=0&amp;amp;start=0" style="position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;" title="YouTube video">&lt;/iframe>
 &lt;/div>

&lt;h4>Learning Objectives and Pre-requisites&lt;/h4>
If you are new to SIEM, please complete the Introduction to SIEM. This room covers the following learning objectives:
&lt;ul>
	&lt;li>Splunk overview&lt;/li>
	&lt;li>Splunk components and how they work&lt;/li>
	&lt;li>Different ways to ingest logs&lt;/li>
 &lt;li>Normalization of logs&lt;/li>
&lt;/ul>
&lt;h5>Task 1 Introduction &lt;/h5>
Splunk is one of the leading SIEM solutions in the market that provides the ability to collect, analyze and correlate the network and machine logs in real-time. In this room, we will explore the basics of Splunk and its functionalities and how it provides better visibility of network activities and help in speeding up the detection.&lt;br>
&lt;p>Continue with the next task.&lt;/p></description></item><item><title>Introduction to Defensive Security - THM Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-05-03-intro-to-defensive-security/</link><pubDate>Wed, 03 May 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-05-03-intro-to-defensive-security/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/defensivesecurity">&lt;a href="https://tryhackme.com/r/room/defensivesecurity" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/defensivesecurity&lt;/a>&lt;/a>&lt;/p>
&lt;h2 id="task-1---introduction-to-defensive-security" class="relative group">Task 1 - Introduction to Defensive Security &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1---introduction-to-defensive-security" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>&lt;strong> Learning Objectives: &lt;/strong>
Offensive security primarily aims at breaking into systems through various methods like exploiting bugs, abusing insecure setups, and bypassing access control policies. This is the realm of red teams and penetration testers.&lt;/p></description></item><item><title>Windows Fundamentals 1 - TryHackMe Walkthrough</title><link>https://notesbynisha.com/posts/2023-05-01-windows-fundamemtals-1-thm/</link><pubDate>Mon, 01 May 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-05-01-windows-fundamemtals-1-thm/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong>&lt;/p>
&lt;h2 id="windows-fundamentals-1---tryhackme-walkthrough" class="relative group">Windows Fundamentals 1 - TryHackMe Walkthrough &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#windows-fundamentals-1---tryhackme-walkthrough" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2></description></item><item><title>Deploy and Configure Azure Firewall and Rules to Allow/Deny Access to Certain Websites</title><link>https://notesbynisha.com/posts/2022-12-04-deploy-configure-azure-firewall/</link><pubDate>Sun, 04 Dec 2022 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2022-12-04-deploy-configure-azure-firewall/</guid><description>&lt;h2 id="deploy-and-configure-azure-firewall-and-rules-to-allowdeny-access-to-certain-websites" class="relative group">Deploy and Configure Azure Firewall and Rules to Allow/Deny Access to Certain Websites &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#deploy-and-configure-azure-firewall-and-rules-to-allowdeny-access-to-certain-websites" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;figure> 
&lt;img src="https://notesbynisha.com/assets/images/mainimage.jpg">
 &lt;figcaption>Fig.1 - Azure Premium Firewall Diagram | Image Source: Microsoft.com&lt;/figcaption>
&lt;/figure>
&lt;p>The &lt;a href="https://learn.microsoft.com/en-us/azure/firewall/overview"> Azure Firewall &lt;/a> is a fully managed cloud-native service that provides network security to protect your Azure virtual network resources. The service offers built-in high availability, unrestricted scalability, threat intelligence-based filtering, logging and monitoring, and many more features and capabilities.&lt;/p></description></item><item><title>Deploy Azure Application Gateway to Direct Web Traffic</title><link>https://notesbynisha.com/posts/2022-11-13-deploy-azure-application-gateway-to-direct-web-traffic/</link><pubDate>Sun, 13 Nov 2022 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2022-11-13-deploy-azure-application-gateway-to-direct-web-traffic/</guid><description>&lt;h2 id="deploy-azure-application-gateway-to-direct-web-traffic" class="relative group">Deploy Azure Application Gateway to Direct Web Traffic &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#deploy-azure-application-gateway-to-direct-web-traffic" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2></description></item><item><title>Create Inbound NAT Rules to Connect to a Single VM in Azure (Port-Forwarding)</title><link>https://notesbynisha.com/posts/2022-11-07-creating-inbound-nat-rules-to-connect-to-a-single-vm-in-azure-port-forwarding/</link><pubDate>Mon, 07 Nov 2022 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2022-11-07-creating-inbound-nat-rules-to-connect-to-a-single-vm-in-azure-port-forwarding/</guid><description>&lt;h2 id="create-inbound-nat-rules-to-connect-to-a-single-vm-in-azure-port-forwarding" class="relative group">Create Inbound NAT Rules to Connect to a Single VM in Azure (Port-Forwarding) &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#create-inbound-nat-rules-to-connect-to-a-single-vm-in-azure-port-forwarding" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2></description></item><item><title>Configure Azure Load Balancer</title><link>https://notesbynisha.com/posts/2022-10-31-configure-azure-load-balancer/</link><pubDate>Mon, 31 Oct 2022 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2022-10-31-configure-azure-load-balancer/</guid><description>&lt;h2 id="configure-azure-load-balancer" class="relative group">Configure Azure Load Balancer &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#configure-azure-load-balancer" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2></description></item><item><title>Traffic Routing in Microsoft Azure with Network Virtual Appliacne (NVA)</title><link>https://notesbynisha.com/posts/2022-10-26-traffic-routing-in-microsoft-azure-with-subnet-to-network-virtual-appliance-nva/</link><pubDate>Wed, 26 Oct 2022 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2022-10-26-traffic-routing-in-microsoft-azure-with-subnet-to-network-virtual-appliance-nva/</guid><description>&lt;h2 id="traffic-routing-in-microsoft-azure-with-network-virtual-appliacne-nva" class="relative group">Traffic Routing in Microsoft Azure with Network Virtual Appliacne (NVA) &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#traffic-routing-in-microsoft-azure-with-network-virtual-appliacne-nva" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2></description></item><item><title>How to Create Site-to-Site VPN Connections in Microsoft Azure</title><link>https://notesbynisha.com/posts/2022-10-16-create-a-site-to-site-s2s-vpn-connection-in-azure/</link><pubDate>Sun, 16 Oct 2022 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2022-10-16-create-a-site-to-site-s2s-vpn-connection-in-azure/</guid><description>&lt;h2 id="create-a-site-to-site-s2s-vpn-connection-in-microsoft-azure" class="relative group">Create a Site-to-Site (S2S) VPN Connection in Microsoft Azure &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#create-a-site-to-site-s2s-vpn-connection-in-microsoft-azure" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2></description></item><item><title>How to Create Point-to-Site VPN Connections in Microsoft Azure</title><link>https://notesbynisha.com/posts/2022-09-16-creating-azure-point-to-site-vpn-connections/</link><pubDate>Fri, 16 Sep 2022 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2022-09-16-creating-azure-point-to-site-vpn-connections/</guid><description>&lt;h2 id="how-to-create-point-to-site-vpn-connections-in-microsoft-azure" class="relative group">How to Create Point-to-Site VPN Connections in Microsoft Azure &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#how-to-create-point-to-site-vpn-connections-in-microsoft-azure" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>&lt;a href="https://faun.pub/creating-azure-point-to-site-vpn-connections-24033cc4d2e5"> Creating Azure Point to Site VPN Connections&lt;/a>&lt;/p></description></item><item><title>Creating VNet-to-VNet Connections in Microsoft Azure</title><link>https://notesbynisha.com/posts/2022-09-11-vnet-to-vnet-connections-in-azure/</link><pubDate>Sun, 11 Sep 2022 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2022-09-11-vnet-to-vnet-connections-in-azure/</guid><description>This walkthrough details how to create secure VPN Gateway connections between two Azure Virtual Networks using VNet-to-VNet tunneling. Learn how to configure VPN Gateways, establish encrypted connections, and verify the status—all from the Azure portal.</description></item></channel></rss>