Image credits:https://arctouch.com/blog/kubernetes-docker-containerized-apps/

Before we proceed : This is not a cyber security related blog , this is just a quick blog of deploying a simple web application with a database attached. It’s actually quite a noobish blog, however I wanted to document the process of deploying the application from scratch (except code which I have stolen from another source). This might become unnecessarily long for some as I’ll be putting in each error I was thrown at and how it was solved, but it’s a necessary lesson to not do anything theoretically and always go ahead and implement something because the struggle…


Vulnhub!

Back again with the first OSCP look alike box writeup of this year . This box requires a little bit of attention to detail and out of the box thinking not to mention once you figure it out, you would be surprised to see how easy it was ! Let’s get started with this :-

Link to the machine :- https://www.vulnhub.com/entry/double-1,632/

Full nmap port scan:-


Vulnhub!

Hey guys! Back again with what could possibly be this year’s last documented Vulnhub walkthrough. As usual , the trend has been documenting the OSCP like boxes which might be useful for OSCP aspirants and also in general to keep in touch with my skills acquired from OSCP . This is again a very nice machine from which even I learnt a few useful tips and tricks. Honestly , the box was extremely straightforward and also very real as well! So let’s start !

Full nmap port scan:


What is Trivy?

Trivy is a simple vulnerability scanner developed by aquasecurity for scanning containers and other artifacts .It is mostly used for static analysis. It is suitable to integrate with CI phase of pipeline . Aquasecurity is widely know for building security tools towards container and pipeline security . Trivy is available in github here .

What does Trivy do?

As suggested above, it is a vulnerability scanner which is mostly helpful for detecting container level vulnerabilities and dependencies.At it’s core, it is mostly a CVE scanner useful for finding missing patches and already existing and publicly disclosed vulnerabilities…


Been on a vulnhub spree as of lately because of boredom I guess. This is again a very easy and simple machine . Let’s start off.

Full port nmap scan :


Very nicely made machine again for OSCP guys! . Kudos to vulnhub for bringing out really top notch machines ever since the collaboration with offsec. Let’s start right away :

As usual, a full nmap port scan:


Vulnhub

This is again a very easy level machine good for beginners and for people who want to keep in touch with your basic skills. Highly recommend it for oscp starters as a practice.

The download link is as given below:

As usual, we start with a full port nmap scan:


The red team lab!

So recently I acquired my CRTE. My resolution this year was to acquire my personal big 3 i.e. OSCP,CRTP and CRTE. I am happy to share that in a span of 7 months I have all three supposedly considered top level certifications. It has come at the back of lot of hard work and dedication and I am proud that I was able to clear all these and learn so much quickly all in my final year of bachelor’s degree of college . You can find my reviews for the other certs in my blog list if you want :)
Before…


Vulnhub!

Excellent beginner level machine for OSCP aspirants. Nowadays vulnhub has definitely increased the bar of machines and post a lot of realistic machines (unlike HTB which usually post CTF type machines which are almost impossible to solve for me without a few hints) . Let us solve this machine.

Machine link: https://www.vulnhub.com/entry/bbs-cute-101,567/
As usual , I like to run a full port nmap scan.


CRTP Lab!Image from Pentester Academy

Recently I completed my much awaited CRTP certification from Pentester Academy. Like always I write a review about a hands on proffesional certification once I clear it. Again the only disclaimer about this is that the opinions are only mine , that’s all.
Little preview about me: I am currently a fourth year computer science student from India . I have cleared OSCP( little bit of show off) in April, you can check out that review as well. CRTP was always gonna be my next certification after OSCP because I wanted to learn about active directory and infrastructure pentesting . The…

Arnav Tripathy

Cats, pizza and cyber security are all I live for! Follow me for a wide variety of topics in the field of cyber security. OSCP ,CRTE holder.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store