Brute-Force What is brute-forcing? Brute-forcing is a attack method used to get passwords or logins to a web application by trial and error method. Imagine you have a login page with 2 text input fields named username and password. And you know definitely the username is "admin" and the password is less or equal to … Continue reading Damn Vulnerable Web Application(DVWA) walkthrough-Part 02
This is a short collection of Laws and Paradoxes I found when I am reading. Jevons paradox In economics, the Jevons paradox, or Jevons effect, is said to occur when technological improvements that increase the efficiency of a resource's use lead to a rise, rather than a fall, in total consumption of that resource. Goodhart's law Goodhart's law is an adage that has been stated … Continue reading Laws and Paradoxes
I try to read daily. Some end up in my linkedin posts, some as bookmarks, some are gone as I close the tabs. I want to keep some of links preserved. This is not an original idea, this is coming from Simon Willson. Hopefully I continue this tradition as I go along in 2026. Working … Continue reading Blogs/Links I read in 2026
In this post I will be documenting how I created a AD lab in Oracle Cloud. So I logged in to oracle cloud and using the free trial credit ( not mine, bless that person though ). Oracle Dashboard So I went on and created 4 vms that I thought I will connect to the … Continue reading Creating Vulnerable lab in Active Directory
Tmux comes from Terminal Multiplexer. It's used to handle multiple terminal sessions in a single window. Sounds cool if you know how you feel when 10 or 12 terminals lying in your desktop. To start tmux session type... well tmux in your terminal. If you want to create new session with a name type tmux … Continue reading Using tmux for productivity
In the previous article we learned how to load a executable and do basic analysis in the radare2. This article is based on a picoCTF 2018 challenge "learn the gdb". If you read the article about gdb you might know it already. The file is here. Load it into the radare. r2 <filename>. Let's analyse … Continue reading Beginners guide to radare2-Part 2
GDB is a short for GNU debugger. Almost all *nix OSes comes with it. So if you are playing a ctf or want to debug something quickly GDB is the way. Today we are going to learn gdb by disassembling a simple program. A picoCTF 2018 problem. File is here. We have to get the … Continue reading Quick intro to GDB
So when I'm debugging with GDB I'd like to see the source code and maybe interact with it. But even when I have the source file it doesn't seem to read it and get loaded. What happens is GDB is being lazy and doesn't look for the source file in the executables directory . It … Continue reading Read source files inside GDB-TUI
Application Layer Modern web applications are utilizing internet in a very astonishing way. We have instant messaging, Streaming services, Multiplayer games and so much more. To create such application we need to understand how OSI layers work with an application and what we as programmers need to know. To write a program that should communicate … Continue reading Beginners guide to Networking-Part 02
There are 2 syntaxes that mainly used in reverse engineering. Intel and ATT. First I thought ATT was hard to read and Intel was a clean assembly syntax. But I was wrong. ATT reduces the time and abstraction by little changes in the code that It'll be easier for humans to read. This will be … Continue reading Dip in to ATT syntax
Sala's Blog 