As a beginner, learning IT auditing entails developing a strong understanding of IT systems, auditing principles, and applicable frameworks. Here is a step-by-step tutorial to get you started: 1. Learn the Fundamentals of Information Technology: Begin by being familiar with the fundamentals of information technology, such as computer hardware, software, networking, databases, and standard ITContinue reading “IT AUDITING 101”
Author Archives: Waqas Ahmed
The Role of IT Audit in Safeguarding Digital Infrastructure
Introduction: In today’s digital age, Information Technology (IT) has become an integral part of every organization’s operation. From data storage and network infrastructure to software applications and cybersecurity, businesses rely heavily on IT systems to enhance productivity, streamline processes, and gain a competitive edge. However, with the increasing reliance and technological advancements in IT systems,Continue reading “The Role of IT Audit in Safeguarding Digital Infrastructure”
Restricting Mobile App Permissions for better Privacy and Security
Introduction Mobile apps have become an integral part of our daily lives, providing convenience, entertainment, and access to various services. However, with the increasing number of apps available, it is crucial to prioritize privacy and security. One effective way to accomplish this is by restricting the permissions granted to mobile apps. By limiting the accessContinue reading “Restricting Mobile App Permissions for better Privacy and Security”
Sauna – HackTheBox Walkthrough
Introduction: The purpose of this blog is to document the steps I took to complete hacking task of HackTheBox (https://www.hackthebox.eu/) machine that included capturing user and root flag of Sauna (https://www.hackthebox.eu/home/machines/profile/229). Resources/Tools Used: nmap smbclient Impacket’s GetNPUser.py script (https://raw.githubusercontent.com/SecureAuthCorp/impacket/master/examples/GetNPUsers.py) john evil-WinRM winPEAS mimikatz Process Followed: After connecting to HTB lab through VPN, started Sauna (10.10.10.175)Continue reading “Sauna – HackTheBox Walkthrough”
Silo – HackTheBox Walkthrough
Introduction: The purpose of this blog is to document the steps I took to complete hacking task of Silo (https://www.hackthebox.eu/home/machines/profile/131) machine from HackTheBox (https://www.hackthebox.eu/). Resources/Tools Used: nmap smbclient Metasploit ODAT (https://github.com/quentinhardy/odat) evil-winrm volaility https://www.rapid7.com/db/modules/auxiliary/scanner/oracle/tnspoison_checker https://www.rapid7.com/db/modules/auxiliary/scanner/oracle/sid_brute https://github.com/quentinhardy/odat/wiki https://redteamtutorials.com/2018/10/24/msfvenom-cheatsheet/ Process Followed: After connecting HTB lab through VPN, started Silo (10.10.10.82) machine. To check the available services, scannedContinue reading “Silo – HackTheBox Walkthrough”
Kenobi – TryHackMe Writeup
Introduction: The purpose of this writeup is to document the steps I took to complete THM’s (https://tryhackme.com/) room Kenobi (https://tryhackme.com/room/kenobi) hacking tasks. Resources/Tools Used: Nmap smbclient Netcat [Task 1] Deploy the vulnerable machine #1 This subtask requires you to deploy the machine. #2 Scanned the machine and found seven open ports. [Task 2] Enumerating Samba for sharesContinue reading “Kenobi – TryHackMe Writeup”
Injection – TryHackMe Writeup
Introduction: The purpose of this writeup is to document the steps I took to complete TryHackMe.com (https://tryhackme.com/)’s room Injection (https://tryhackme.com/room/injection) hacking tasks. Resources/Tools Used: Netcat https://linuxconfig.org/how-to-change-welcome-message-motd-on-ubuntu-18-04-server http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet [Task 1] Introduction & Deploy This task is mainly concerned with introducing the room scenario and deploying the machine. [Task 2] An Introduction To Command Injection This task gives anContinue reading “Injection – TryHackMe Writeup”
Monteverde – HackTheBox Walkthrough
Introduction: The purpose of this blog is to document the steps I took to complete hacking task of Monteverde machine from Hack The Box (HTB). Resources/Tools Used: nmap smbclient enum4linux Metasploit evil-winrm winPEAS https://blog.xpnsec.com/azuread-connect-for-redteam/ https://github.com/Hackplayers/PsCabesha-tools/blob/master/Privesc/Azure-ADConnect.ps1 Process Followed: After connecting HTB lab through VPN, started Monteverde (10.10.10.172) machine. To check the available services, I scanned theContinue reading “Monteverde – HackTheBox Walkthrough”
Inclusion – THM Writeup
Introduction: The purpose of this writeup is to document the steps I took to complete TryHackMe.com (THM)’s room Inclusion hacking tasks. Resources/Tools Used: ssh https://gtfobins.github.io/gtfobins/socat/#sudo [Task 1] Deploy This is a beginner level room designed for people who want to get familiar with Local file inclusion vulnerability. #1 Deploy the machine and start enumerating No answerContinue reading “Inclusion – THM Writeup”
Ignite – TryHackMe Writeup
Introduction: The purpose of this writeup is to document the steps I took to complete TryHackMe.com (THM)’s room Ignite hacking tasks. Resources/Tools Used: searchsploit http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet netcat [Task 1] Root it! Root the box! #1 User.txt Deployed the machine and browsed to the website. Noticed the website was running Fuel CMS version 1.4. While reading theContinue reading “Ignite – TryHackMe Writeup”
Blog 