The File Inclusion room on TryHackMe teaches you file inclusion vulnerabilities. It is part of Junior Penetration Tester path under the Introduction to Web Hacking category. This WriteUp contains solutions for the 4 challenges at the end of the room.

Challenge 1

The POST parameter “file” is vulnerable to LFI. It is…

You thought the best bank robbers use weapons, masks and fast vehicles? Then you are wrong! This article explains a story of a bank heist where keyboards were used as weapons.

What happened?

This story took place in February 2016. Between Thursday 4th and Friday 5th February 2016 unauthorized users have issued…

This is a Walkthrough room on TryHackMe with “Easy” difficulty. It is part of the “Jr Penetration Tester” Learning Path under the “Introduction to Web Hacking” module. In this blog article I will explain what an IDOR vulnerability is, how to exploit it and how to mitigate it.

What is IDOR?

IDOR stands…

A collection of useful apps, that can be downloaded from F-Droid. This means they are Open Source Apps and can replace your proprietary software. Reclaim your freedom! :)


  • VLC-Player: Media Player for Audio and Video
  • Antennapod: Podcast Player
  • RadioDroid: Internet Radio
  • Soundrecorder: Sound Recorder :)
  • ScreenCam: Screenrecorder
  • Imagepipe: Edit Images…

Why is privacy important

  • “You might not have anything to hide, my friend. But you have everything to protect.” — Mikko Hypponen
  • “Arguing that you don’t care about the right to privacy because you have nothing to hide, is no different than saying you don’t care about free speech because you have nothing to…


Passionate about Cyber Security. I am publishing CTF writeups and Cybersec content!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store