top of page

Search


🔍 Sherlock Scenario: Investigating a Malware Intrusion
🧩 Attack Summary In this Sherlock Scenario , you step into the role of a SOC analyst investigating a suspected intrusion. By analyzing...
BlueDolphin
3 hours ago


Tampering Vulnerability Lab - Node JS
Checkout a server side Node JS Parameter Tampering Vulnerability and how we can fix it.
BlueDolphin
Jul 30


Hack the Box - Sea
YouTube Video Writeup Engagement Flow Tools used Burpsuite WhatWeb OWASP ZAP Netcat Linpeas Tactics/Techniques CVE-2023-41425 - Wonder...
BlueDolphin
Jul 10


Splunk for Beginners: FREE Security Lab with Botsv3 Dataset (Dashboards, Alerts & Queries!)
Learn how to install Splunk, import security logs, run SPL queries, and build dashboards. Perfect for cybersecurity beginners seeking hands-on skills.
BlueDolphin
May 24


Pikaptchu - Hack the Box - DFIR
Scenario 🛠️ Scenario Overview An attacker sends a phishing email to the victim, claiming it's an urgent Microsoft Office update. The...
BlueDolphin
May 5


NeuroSync-D - Hack the Box Lab
| CVE-2025-29927 (auth bypass in Next.js)
| SSRF to scan and find internal services
| LFI to steal secrets
| Redis injection for command execution
BlueDolphin
Apr 11


FTP Data Exfiltration Investigation
Scenario: FTP Data Exfiltration Investigation - A major incident occurred at Forela. 20 GB of data were stolen from internal s3 buckets.
BlueDolphin
Apr 4


CSRF SameSite Strict bypass via sibling domain
This lab's live chat feature is vulnerable to cross-site WebSocket hijacking (CSWSH)
BlueDolphin
Mar 16


Exploiting CSRF: Bypassing SameSite Strict with Client-Side Redirects
This lab's change email function is vulnerable to CSRF.
BlueDolphin
Jan 26


Hack the Box - Investigation (Medium)
Engagement Flow Tools used Burpsuite EVTX Parser by omerbenamram WhatWeb Netcat SCP Ghidra Moonwalk Tactics/Techniques File upload abuse...
BlueDolphin
Dec 20, 2024


Server-Side Parameter Pollution (SSPP) Through Query Strings
YouTube Index: Introduction What is Server-Side Parameter Pollution Understanding the Query String in an API Request Example Injecting...
BlueDolphin
Nov 23, 2024


Boss Of The SOC V1 Blue Team Lab
High Level Details: Attacker 1: 40.80.148.42 Attacker 2: 23.22.63.114 CMS: Joomla Site: imnotreallybatman.com Site IP: 192.168.250.70...
BlueDolphin
Aug 13, 2024
bottom of page