In the growing landscape of online privacy and digital anonymity, Onion.run has positioned itself as a significant tool for accessing hidden services on the...

Microsoft released a security update addressing a severe vulnerability, CVE-2025-55315, in ASP.NET Core’s Kestrel web server. The flaw allows an authorized a...

idor allow the attacker to restrict the victim site access info:idor allow the attacker to restrict the victim access on the editorsite there is option...

I’ve always liked the SOC side of things, but my practical grasp of the jargon and techniques has been thin. Time to close that gap with LetsDefend lab....

File permissions are the core security mechanism that controls who can do what with a file or directory. They answer three questions: Who can access thi...

In this article, I present a practical lab simulation of the SHELLSHOCK VULNERABILITY, one of the most critical security flaws ever discovered in Unix-base...

Hey everyone! Welcome back to the Active Directory pentest series. I hope you found the first blog helpful in understanding the basics of AD reconnaissance...

Introduction The OWASP Top 10 is one of the most trusted resources for anyone working in web security. It highlights the most critical security risks that de...

WRAP – Rules & Regulations (Let’sDefend Campaign)

Topic:
Writers must create walkthroughs or write-ups for Let’sDefend rooms.

Program Duration:
November 1st – November 30th, 2025 (Full Month)

Rules :

1. Winners will be chosen based on both the quality…

In Linux, everything is treated as a file—not just text documents, but also hardware devices, and even the input and output of commands. A stream is a conti...

LetsDefend Walkthrough | Password Management What is LetsDefend? LetsDefend is a hands-on Blue Team training platform designed to give learners real-world...

Cross-Site Scripting (XSS) is one of the most common and dangerous vulnerabilities in web applications. It occurs when a website includes user input in a web...

Indian Phone Number OSINT Tools & Techniques 1. Digital Payment Apps (For Real Name Lookup) These apps often show the full name of a person when you...

Blockchain technology is an advanced database mechanism that allows transparent information sharing within a business network. A blockchain database store...

Understanding users and groups Linux is a multi-user system. Its security model depends on defining users (individual accounts) and groups (collections of...

Open Source Intelligence (OSINT) is a method of gathering information from public or other open sources platforms like social media etc.. Osint Life Cycle...

Introduction: The Era of Point-in-Time Security Is Over By 2026, the security landscape has become too dynamic, too automated, and too aggressive for trad...

Alison – Free VAPT Certification Course Why it’s great: Completely free enrollment Includes certificate (downloadable) Covers fundamentals of vulnerabili...