Enumeration nmap nmap -sC -sV -A -T4 -Pn 10.10.11.38 Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-02-13 16:02 IST Nmap scan report for 10.10.11.38 Host is up (0.21s latency). Not shown: 998 ...

Enumeration nmap -sC -sV -Pn -A alert.htb Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-01-01 18:43 IST Nmap scan report for alert.htb (10.10.11.44) Host is up (0.19s latency). N...

WebSockets WebSockets are widely used in modern web applications. They are initiated over HTTP and provide long-lived connections with asynchronous communication in both directions. WebSockets ar...

Path Traversal Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application. This might include...

CSRF Learn how a CSRF vulnerability works and methods to exploit and defend against CSRF vulnerabilities. What is CSRF? CSRF is a type of security vulnerability where an attacker tricks a user’s we...

Examining the database in SQL injection attacks To exploit SQL injection vulnerabilities, it’s often necessary to find information about the database. This includes: The type and version of th...

Advanced SQL Injection This room is a self learn page from the THM Room - Advanced SQL Injection made to familiarize with the concepts of SQLi SQL injection remains one of web applications’ m...

Lo-Fi Want to hear some lo-fi beats, to relax or study to? We’ve got you covered! About Want to hear some lo-fi beats, to relax or study to? We’ve got you covered!  Access this challenge by depl...

Light Test your enumeration skills on this boot-to-root machine. About Welcome to the Light database application! I am working on a database application called Light! Would you like to try it ou...

Pyrat Test your enumeration skills on this boot-to-root machine. About Pyrat receives a curious response from an HTTP server, which leads to a potential Python code execution vulnerability. With ...