AWS IAM principal türlerini, geçici ve kalıcı erişim farklarını, root hesabının risklerini ve federasyon mimarisini istatistiklerle öğrenin.

AWS IAM bileşenlerini, root risklerini, kullanıcı-rol farkını, policy mantığını, ARN yapısını ve Organizations ile hesap izolasyonunu keşfedin.

Farklı kullanım alanlarına yönelik AWS servisleri (Dev, IoT, EUC) ve ideal bulut mimarisi oluşturmak için kullanılan Well-Architected çerçevesi hakkında temel bilgiler.

Bu yazı, AWS'ye geçiş süreçleri, stratejileri, kullanılan araçlar ve temel çerçeveleri kapsamaktadır.

AWS maliyet yönetimi, destek planları ve tasarruf stratejileri üzerine notlar.

AWS bulut altyapısında güvenlik, izleme, denetim ve uyumluluk süreçlerini yönetmek için kullanılan temel hizmetler (CloudWatch, CloudTrail, Config, Organizations) ve yönetim ilkeleri.

Bu yazıda, AWS üzerindeki kimlik yönetimi, ağ koruması, şifreleme ve tehdit algılama hizmetlerine dair temel kavramları ve hizmetleri inceleyeceğiz.

Bu yazı, Yapay Zeka (AI), Makine Öğrenimi (ML), Üretken Yapay Zeka (GenAI) ve AWS üzerindeki Veri Analitiği süreçlerini kapsamaktadır.

AWS, geleneksel ilişkisel veritabanlarından gelişmiş NoSQL ve bellek içi çözümlere kadar geniş bir yelpazede, tamamen yönetilen (fully managed) veritabanı hizmetleri sunar. Bu yazımızda bu hizmetleri inceleyeceğiz.

AWS'de veri depolamak için üç temel yöntem bulunur: Blok, Nesne ve Dosya depolama. Her biri farklı performans gereksinimleri ve kullanım senaryoları için tasarlanmıştır.

Bu cheatsheet, AWS ağ temelleri, güvenlik katmanları, bağlantı yöntemleri ve küresel ağ servisleri hakkında genel bir bakış sunar.

AWS üzerinde küresel bir yapı kurmak, kaynakların stratejik dağıtımını, hizmet hızını ve standartlaştırılmış kurulumları yönetmeyi gerektirir.

Bu yazı, AWS üzerindeki hesaplama modellerini, sunucusuz (serverless) mimarileri, konteyner yönetimini ve belirli iş yükleri için özelleştirilmiş diğer hesaplama hizmetlerini kapsar.

Bu yazı, AWS'in temel yapı taşı olan EC2 (Elastic Compute Cloud), fiyatlandırma modelleri, ölçeklendirme, uygulama mimarisi ve temel servisler konularını kapsar.

AWS ve bulut bilişim temel kavramlarını, AWS'nin sunduğu avantajları ve küresel altyapısını anlatan giriş niteliğinde bir rehber.

A detailed writeup for the TryHackMe Mr. Robot room. This walkthrough covers everything from initial reconnaissance and exploiting a WordPress site to gaining a root shell through privilege escalation.

A detailed writeup on how to solve the Hack The Box 'Artificial' machine. This post covers gaining initial access through a TensorFlow model RCE, escalating privileges to the 'gael' user by cracking a password found in a database, and finally achieving root access by exploiting a 'backrest' backup service to retrieve the root user's SSH key.

A step-by-step guide on how to solve the Hack The Box 'Cap' machine. This write-up covers the initial foothold by analyzing a pcap file to find FTP credentials and privilege escalation by exploiting python capabilities.

A step-by-step guide on how to solve the TryHackMe 'Publisher' room. This write-up covers the initial foothold using a CVE in SPIP CMS and privilege escalation by bypassing AppArmor restrictions.

This post provides a step-by-step write-up for the TryHackMe 'Couch' room. Learn how to find credentials in a CouchDB database and escalate privileges to root by leveraging an insecure Docker port.

A detailed writeup on the TryHackMe Archangel room. This walkthrough covers exploiting a Local File Inclusion (LFI) vulnerability to gain initial access through Apache log poisoning, and escalating privileges to root via a cronjob and PATH hijacking.

A step-by-step guide to completing the TryHackMe GamingServer room. This walkthrough covers reconnaissance, gaining initial access, and escalating privileges using the LXD vulnerability.

A step-by-step guide to solving the b3dr0ck room on TryHackMe.

This article provides a detailed walkthrough for the 'Year of the Rabbit' room on TryHackMe. We'll start by uncovering hidden web pages and using BurpSuite to intercept traffic, leading us to credentials hidden within an image. From there, we'll gain initial access via FTP and finally escalate our privileges to root by exploiting a specific sudo vulnerability.

A full writeup for the TryHackMe Fowsniff CTF. Learn how to go from leaked credentials to root access by cracking MD5 hashes, pivoting from POP3 to SSH, and exploiting a writable MOTD script.

A comprehensive walkthrough of the TryHackMe Anthem room. This guide covers reconnaissance via robots.txt, gaining initial access to the Umbraco CMS, connecting via RDP, and escalating privileges on Windows by manipulating file permissions to reveal the administrator password.

A step-by-step walkthrough for the TryHackMe 'Lian Yu' room. This guide covers initial access by discovering hidden directories, decoding a Base58 password for FTP access, and using steganography to find SSH credentials. Privilege escalation is achieved by exploiting sudo rights on pkexec.

A step-by-step walkthrough for the TryHackMe 'Mustacchio' room. This guide covers initial access via XXE injection and privilege escalation to root by exploiting a SUID binary with a PATH hijacking vulnerability.

A step-by-step walkthrough for the TryHackMe 'Chill Hack' room. This guide covers the entire process from initial reconnaissance and exploiting a command injection vulnerability to escalating privileges to root.

A step-by-step walkthrough for the TryHackMe Wgel CTF room. This guide shows how to gain initial access via an exposed SSH key and escalate privileges to root by exploiting a wget sudo misconfiguration.

In this article, we take a step-by-step look at the solution to TryHackMe's "Brute It" room. We gain full access using brute force attacks against the web login form with Hydra, and against the SSH key password and root password hash with John the Ripper.

A step-by-step walkthrough for the TryHackMe Tomghost room. This write-up covers exploiting the Ghostcat vulnerability (CVE-2020-1938), cracking a PGP private key with John the Ripper, and escalating privileges to root via a sudo misconfiguration with zip.

In this article, we walk through solving TryHackMe's Ignite room step by step. We gain initial access to the system using a public exploit for a vulnerable version of Fuel CMS and then obtain root privileges by leveraging a reused password found in a database configuration file.

A step-by-step solution guide for the TryHackMe Brooklyn Nine-Nine room. In this article, discover how to gain initial access by finding a user clue on an anonymous FTP server to brute-force an SSH password, and how to gain root privileges by exploiting a misconfigured sudo policy.

Step-by-step solution guide for the TryHackMe Startup room. In this article, discover how to gain initial access via a writable FTP service using PHP reverse shell, how to obtain user credentials by analysing PCAP with Wireshark, and how to gain root privileges by exploiting a misconfigured cron job.

In this article, we walk through solving TryHackMe's Cyborg room step by step. We gain initial access to the system using credentials leaked from an encrypted Borg backup and then obtain root privileges through a misconfigured sudo setup.

This write-up details the process of compromising the "Overpass" machine, starting with bypassing a weak login function to steal an SSH key and escalating to root by exploiting a misconfigured scheduled task.

This article is a step-by-step walkthrough for the 'LazyAdmin' room on TryHackMe. It covers finding a vulnerable CMS to get initial access and then exploiting a misconfigured script for root privileges.

In this write-up, we will solve TryHackMe's beginner-level 'Agent Sudo' room step-by-step. We will learn how to gain root privileges using web enumeration, FTP brute-forcing with Hydra, extracting hidden data with steganography, and exploiting the CVE-2019-14287 sudo vulnerability, all demonstrated with detailed visuals.

A detailed beginner's guide to the TryHackMe Bounty Hacker room: discovery with Nmap/Rustscan, anonymous FTP access, SSH brute-force with Hydra, and privilege escalation with SUID (tar).

In this article, we will provide a step-by-step solution for the easy-level "RootMe" room on the TryHackMe platform, explaining the logic behind each step. Our goal is not just to copy and paste commands, but to understand why and how they work.

In this article, we will discuss what VLAN is, how to assign a VLAN to a device, and VLAN security and attacks.

In this article, we will discuss the basic structure of IPv4, Network Masks, Host-Network IDs, Broadcast addresses, CIDR notation, Subnet calculations and more with examples.

In this article, we will talk about what a proxy is, what it does and what is its role in cyber security, and we will talk about examples with Burpsuite.

You might have seen this command in many places, and it might seem complex at first. But don't worry, in this content, we'll cover the basics and clarify the questions in our minds.

In Linux operating systems, permissions are a fundamental security mechanism that determines who can access files and directories and how that access is handled.