TryHackMe — Metasploit: Exploitation Writeup This TryHackMe room focuses on practical exploitation techniques using the Metasploit Framework, including scanning, vulnerability assessment, exploitation, post-exploitation, and payload generation with Msfvenom. Warning: For educational purposes only. Task 1 — Introduction To begin using Metasploit, start the framework with: msfconsole The Metasploit console provides access to scanners, exploits, payloads, post-exploitation modules, and auxiliary tools. Task 2 — Scanning Metasploit includes several modules capable of performing network and service discovery. Port Scanning You can search for available port scanning modules using: search portscan Important Parameters CONCURRENCY — Number of simultaneous targets; PORTS — Port range to scan; RHOSTS — Target IP or network; THREADS — Number of parallel threads. Questions & Answers Q: How many ports are open on the target system? ...

TryHackMe — Metasploit: Introduction Writeup Metasploit Framework is one of the most widely used tools in cybersecurity, penetration testing, exploit development, and vulnerability research. This TryHackMe room introduces the fundamentals of Metasploit, its modules, payloads, exploits, and how penetration testers use the framework during security assessments. Warning: For educational purposes only. Task 1 — Introduction to Metasploit The Metasploit Framework is a collection of tools designed for: Information Gathering; Vulnerability Scanning; Exploitation; Post-Exploitation; Payload Generation; Exploit Development. Main Components msfconsole — Main command-line interface; Modules — Exploits, payloads, scanners, and auxiliary tools; Tools — Utilities such as msfvenom, pattern_create, and pattern_offset. Task 2 — Main Components of Metasploit Modules are the core of the Metasploit Framework and are designed to perform specific...

```html id="n5x2qw" TryHackMe — Moniker Link (CVE-2024-21413) Writeup CVE-2024-21413, also known as Moniker Link , is a critical Microsoft Outlook vulnerability disclosed in February 2024. This flaw allows attackers to bypass Outlook security protections and leak NTLM credentials through specially crafted hyperlinks. This TryHackMe room demonstrates how the vulnerability works, how attackers abuse Moniker Links, and how NTLM hashes can be captured using SMB authentication. Warning: For educational purposes only. Task 1 — Introduction On February 13th, 2024, Microsoft announced a critical Outlook vulnerability identified as CVE-2024-21413 . The vulnerability was discovered by Haifei Li from Check Point Research and affects how Outlook handles specific hyperlink types known as Moniker Links . Attackers can send malicious emails containing specially crafted links that force Outlook to leak the victim's NTLM credentials when interacted with. Question...

```html id="p4x7mz" TryHackMe — John the Ripper: The Basics Writeup John the Ripper is one of the most popular password cracking tools used in cybersecurity, penetration testing, and CTF challenges. This TryHackMe room introduces the fundamentals of password cracking using hashes, wordlists, SSH keys, ZIP archives, RAR files, and Linux shadow files. This writeup summarises the main concepts, commands, and practical exercises covered in the room. Warning: For educational purposes only. Task 2 — Basic Terms This room focuses on the extended version of John the Ripper known as Jumbo John , which includes additional features and community-maintained modules. Questions & Answers Q: What is the most popular extended version of John the Ripper? A: Jumbo John Task 3 — Setting Up Your System John the Ripper supports multiple operating systems and includes different editions with varying feature sets. RockYou Wordlist One of the most commonly us...