SaidSecurity

Pentesting journey & Tools

· SaidSecurity

Welcome! Here, I'll share my journey in penetration testing, offering insights into ethical hacking, tips from solving challenges, and experiences from platforms like HackTheBox. Expect tutorials covering various hacking aspects.

Before diving into the fundamentals of penetration testing, let us first familiarize ourselves with the answers to common questions. Please find them below.

What's the Penetration testing? Down arrow

Penetration testing, commonly known as pentesting, is a proactive cybersecurity practice aimed at identifying and addressing vulnerabilities within a system or network. It involves simulating real-world cyberattacks to uncover potential weaknesses that malicious actors could exploit. This process helps organizations strengthen their security defenses and safeguard against potential threats.

Who conducts penetration tests? Down arrow

Penetration tests are typically conducted by Pentesters, also known as ethical hackers, who specialize in security assessments and ethical hacking. These professionals possess expertise in identifying vulnerabilities, exploiting them in a controlled manner, and providing recommendations for remediation.

What are the primary classifications of hackers? Down arrow

Hackers are typically categorized into three main types:
White Hat Hackers: Also known as ethical hackers, they use their skills for good, often employed by organizations to find and fix security vulnerabilities.
Black Hat Hackers: These hackers engage in malicious activities, such as stealing data, causing damage, or disrupting systems, for personal gain or malicious intent.
Gray Hat Hackers: This category is less defined and involves individuals who may perform both ethical and unethical hacking activities, sometimes crossing legal boundaries.

Key Phases of a Penetration Test:

PenPhases

Write-up for UniFied Starting-Point on HackThebox platform.

During my attempt to hack the UniFied WebApp, I found a lack of comprehensive sources or write-ups on the challenge. After successfully understanding and hacking the UniFied challenge, I decided to create my own detailed write-up to fill this gap.
Here's my Write-up file for UniFied starting point.

Your support means the world to me! 🌟 Support my education, cybersecurity learning, and certifications journey on BuyMeACoffee. ↓↓↓ Your contribution is a big help! ☕️🚀 #GratefulLearner

"Sapientia est potentia."
(Wisdom is power.)