Open in app

Sign In

Write

Sign In

Shellbr3ak
Shellbr3ak

167 Followers

Home

About

May 2, 2022

NahamConCTF — Web Challenges

What’s going on hackers, this is Shellbr3ak back again with another CTF write up. Today I’ll be showing how I managed to solve 7 out of 8 web challenges in NahamconCTF. So, without much talking, let’s go. Personnel

Nahamconctf

18 min read

NahamConCTF — Web Challenges
NahamConCTF — Web Challenges
Nahamconctf

18 min read


Mar 31, 2022

XSS — WAF Bypass

What’s going on everybody, this is $hellbr3ak back again with another blog. Today I will be talking about how I bypassed BIG-IP ASM firewall in one of my engagements. As usual the target will be redacted since the pentest is conducted on a client environment. …

Waf Bypass

7 min read

XSS — WAF Bypass
XSS — WAF Bypass
Waf Bypass

7 min read


Jan 31, 2022

First Time Hacking The Cloud

What’s going on hacker folks, this is shellbreak back again with another blog post, but this time, it will be about how I found my first bug in an azure cloud storage service. The vulnerability was a Massive Information Disclosure due to a publicly accessible container hosted on an azure…

Pentesting

4 min read

First Time Hacking The Cloud
First Time Hacking The Cloud
Pentesting

4 min read


Dec 24, 2021

TryHackMe — Solar

What’s going on h4x0rs this is shellbr3ak, and today we’re going to be doing something a little bit different than regular CTFs. As you’ve seen in the news, a very serious 0-day was discovered in the Log4j java logging utility which is a part of Apache Logging Services and also…

0 Day Attacks

9 min read

TryHackMe — Solar
TryHackMe — Solar
0 Day Attacks

9 min read


Oct 10, 2021

DigitalOverDose — CTF

Hello y’all, this is shellbreak again with another CTF. As I’m working as a web application penetration tester, I focus only on web challenges in CTFs, and in today’s write up, I’m going to showcase how I solved the only 3 web challenges in Digitaloverdose CTF. …

Web Hacking

6 min read

DigitalOverDose — CTF
DigitalOverDose — CTF
Web Hacking

6 min read


Sep 20, 2021

HacktivityconCTF 2021

Hello all, this is shellbreak, and today I’m going to showcase how I solved some web challenges in the hacktivitycon CTF 2021, so without much talking let’s just jump in. Swaggy

Hacktivitycon

14 min read

HacktivityconCTF 2021
HacktivityconCTF 2021
Hacktivitycon

14 min read


May 26, 2021

TryHackMe — Kenobi

What’s going on fellas, this is shellbreak back again with another write up about a room called knobi from TryHackMe, which is an easy room that involves a vulnerable FTP server which we’ll exploit to get user access, and then we find that there’s a SUID binary that we can…

Tryhackme Walkthrough

8 min read

TryHackMe — Kenobi
TryHackMe — Kenobi
Tryhackme Walkthrough

8 min read


May 25, 2021

TryHackMe — Vulnversity

Hello guys, what’s going on, this is shellbreak, and today we’re gonna be doing Vulnversity from TryHackMe which is a pretty simple and straightforward machine that involves a File Upload vulnerability to get a shell, and once we get a shell on the box we notice that there’s an unusual…

Oscp Preparation

8 min read

TryHackMe — Vulnversity
TryHackMe — Vulnversity
Oscp Preparation

8 min read


May 20, 2021

TryHackMe — Blue

Hello guys, what’s going on , this is shellbreak, and today I’ll be doing the Blue room from TryHackMe, which is a pretty easy and fun room that demonstrates how to exploit “eternal blue” vulnerability that affected SMB servers back in 2017. EternalBlue is a cyberattack exploit developed by the…

Tryhackme Walkthrough

5 min read

TryHackMe — Blue
TryHackMe — Blue
Tryhackme Walkthrough

5 min read


May 19, 2021

How I found my first Cross-Site Scripting Vulnerability

Hello all this is shellbreak, back again with another story of a bug I found apart from CTF challenges. Since this vulnerability was found on a real website, I won’t be mentioning the domain on which I found it, so I’ll use https://example.com …

Infosec

3 min read

How I found my first Cross-Site Scripting Vulnerability
How I found my first Cross-Site Scripting Vulnerability
Infosec

3 min read

Shellbr3ak

Shellbr3ak

167 Followers

Web Penetration Tester| Threat Intelligence Analyst| CTIA | eWPTXv2 | CTF Lover

Following
  • Ismail Tasdelen

    Ismail Tasdelen

  • Hayriye SELÇUK

    Hayriye SELÇUK

  • T00n

    T00n

  • mucomplex

    mucomplex

  • swaysthinking

    swaysthinking

See all (9)

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech