First of all, you need to add the username field in the users table. To do that, add the following in create_users_table.php $table->string('username'); Now, migrate it. php artisan migrate:refresh Add it in the User.php model in the protected field: protected $fillable = [ 'name',

Enumeration Checking connection: ping 10.10.10.165 Finding out more about the webserver: nmap -A 10.10.10.165 -o nmapresults.txt We see that on port 80, there's a Nostromo service running. Let's see if there's an exploit for it. Checking for an exploit: searchsploit nostromo So there

Bug Bounty Hunting Tools set up in Alpine Linux! Link to GitHub repo: https://github.com/abhizer/alpine_linux_bbht I was working with an Ubuntu docker but then decided to switch to Alpine because its light weight and minimal. And, just wanted to share this with you guys! For

Frist, download and install Docker Desktop in your computer. Once, you are done with that, you can follow the steps here to create a development environment! Setting up the Docker First pull the docker image: docker pull alpine Verify that it as been downloaded: docker images Now run it: docker

To pass terminal traffic through Burp, first open up Burp and then you should probably turn the Intercept off. At least, that is what I like to do. We will be using Proxychains here. So, first, let's configure it. vi /etc/proxychains.conf Go to the end and write, #burpsuite

Introduction to Technology and Hacking As we're diving deeper into this fascinating well of technology, it is very possible for us to be naive and forget about the security risks that we might face. The deeper we go, the darker it gets. With this, the need for securing the web

A very simple recon script that uses the previous subdomains.sh script, and httprobe, waybackurls by @tomnomnom and then, uses dig to find their IP addresses. Github link: https://github.com/abhizer/recon.sh

As I am getting started with Bug Bounty hunting, I've found that subdomain enumeration is a key component to it. And, there are a lot of tools that can be used for it, each with their own pros and cons. So, I decided to put together a simple script that

Postman is an easy marked box in HackTheBox, it just retired and here's my writeup! First, let's add the hostname postman to the hosts file so that, we don't always need to type in the IP address. vi /etc/hosts Hit i (going to input mode) 10.10.10.160

So, when I was creating my first laravel 6 app and trying to connect it to the database, I got these two errors: PDOException : SQLSTATE[HY000] [2006] MySQL server has gone away Illuminate\Database\QueryException : SQLSTATE[HY000] [2002] Connection refused (SQL: select * from information_schema.tables where table_schema = chat_

I had been away from laravel for a few months and today, when I decided to take a look at it again and install laravel/valet, the composer just wouldn't work. Abhizer@Abhizer > ~/Development > composer global require "laravel/valet" Changed current directory to /Users/Abhizer/.composer Using version ^2.7

Say you have compromised a Windows machine that provides Active Directory Directory Services to its users and have gained access as a user who is a part of the DNSAdmins group, you can use this method to privilege escalate. Here, what we're doing is: Making a dll payload that sends