Pentesting

Introduction Bash is the scripting language used to interact directly with Unix‑based operating systems through the shell. It allows administrators and security practitioners to automate repetitive tasks, chain command‑line utilities, and process large volumes of data efficiently. In modern environments, Bash is not limited to Linux systems, as Windows provides compatibility through the Windows Subsystem for Linux, enabling cross‑platform usage. In enterprise and security‑focused environments, Bash scripting becomes essential due to the scale and velocity of data handled daily. Analysts frequently rely on scripts to enumerate systems, filter logs, test connectivity, and orchestrate reconnaissance or defensive workflows. Instead of manually executing dozens of commands, a single well‑designed script can perform complex logic reliably and repeatably. ...

SQLMap Overview SQLMap is an open source penetration testing tool written in Python that automates SQL injection detection and exploitation. It connects to a target, probes parameters, fingerprints the back-end DBMS, and then enumerates data or attempts deeper impact. The tool is designed to speed up SQLi workflows while still providing the evidence you need for reporting. SQLMap covers the full exploitation chain in one interface. It can enumerate databases, tables, columns, and users, extract data, and even interact with the file system when the DBMS allows it. It also has features for proxying traffic, adjusting risk, and bypassing common defenses. ...

Introduction to Web Fuzzing Web fuzzing is used when a site does not link to hidden pages or does not expose anything useful through normal navigation. The technique sends many controlled inputs to an interface to see how the server responds. In some notes, the Spanish verb for fuzzing is translated as borrar, but the actual goal is discovery. When you do this correctly, you can reveal directories, pages, subdomains, and parameters that are not linked anywhere. ...

Introduction SQL injection (SQLi) happens when user input changes the final SQL query sent by a web application. The impact ranges from reading sensitive data to modifying records or writing files on the server. This guide merges database basics with practical SQLi techniques and commands so you can connect theory to hands-on exploitation. Database Foundations Modern web applications rely on databases to store content, user data, and configuration. Understanding DBMS structure and query behavior helps you predict how an injection point will behave and which payloads are likely to work. It also helps you distinguish between relational and non-relational systems when fingerprinting the backend. ...

Reference & Disclaimer This article is based on my personal study notes from the Information Security Foundations track. Due to scope and readability constraints, theoretical explanations, command details, output interpretation, and script code examples are intentionally highly summarized in this article. For full explanations, complete command usage, real outputs, and detailed script implementations, readers are strongly encouraged to consult the full repository. Full repository: https://github.com/lameiro0x/pentesting-path-htb Introduction Windows privilege escalation is about moving from a low-privilege shell to local admin or SYSTEM. It often succeeds because of weak permissions, misconfigured services, or excessive group rights. This guide merges theory and commands into a practical workflow. ...

Intro Most communication on the Internet is performed through web requests using the Hypertext Transfer Protocol (HTTP). HTTP is an application-layer protocol designed to enable the retrieval and exchange of resources across the World Wide Web. The term hypertext refers to text that contains references (links) to other resources, enabling non-linear navigation between documents. HTTP follows a client-server communication model. The client, typically a web browser or command-line tool, initiates a request for a resource. The server processes this request and returns a response containing the requested resource or an error message. By default, HTTP operates over TCP port 80, although servers may be configured to listen on alternative ports. ...

Introduction Shells and payloads are the bridge between exploiting a vulnerability and actually interacting with a target system. A shell gives you interactive access to the OS, while a payload is the code or command that delivers that access. Shells and Payloads at a Glance A shell is a program that lets you enter commands and receive output, and in security it is often the result of exploitation. In practice you select a payload based on the target OS, available interpreters, and what the network allows. ...

Intro Network Traffic Analysis (NTA) can be described as the systematic examination of network traffic with the objective of understanding how data flows through an environment, identifying normal behavior, and detecting deviations that may indicate security threats or operational issues. By analyzing ports, protocols, and communication patterns, security professionals are able to establish a baseline for expected activity and monitor for anomalies that may signal malicious behavior. This process is especially valuable because network traffic represents the ground truth of what is actually happening in an environment. Logs and alerts can be incomplete or misleading, but traffic captures reveal real interactions between hosts. Through continuous observation and analysis, defenders can identify threats early, investigate suspicious activity, and gain a deeper understanding of their organization’s network behavior. ...

Introduction Metasploit is a modular penetration testing framework that lets you enumerate, exploit, and manage access using a single console. The framework provides thousands of modules, payloads, and helpers, which can save time when used with discipline. This post blends theory and commands to help you use Metasploit as a tool, not a crutch. The core idea is simple: use Metasploit to validate real vulnerabilities, not to replace your understanding of the system. A tool can give you a shell, but only your analysis decides which module is safe, relevant, and appropriate. If you treat the framework as a workflow engine, it becomes both efficient and transparent. ...

Intro Web applications are interactive applications that run inside web browsers and typically follow a client-server architecture. In this model, the client (browser) is responsible for rendering the interface and interacting with the user, while the server handles application logic, data processing, and persistence. This separation enables scalability, flexibility, and centralized control, but also introduces a wide attack surface that must be properly understood from a security perspective. From a security engineering point of view, this separation of responsibilities is critical. Any data crossing the boundary between client and server must be considered untrusted by default, regardless of client-side validation. Attackers can fully control browsers, manipulate requests, and bypass front-end restrictions, which is why secure design always assumes a hostile client environment. ...