python – nPm Hacks

Offsec Proving Grounds Walkthrough – CVE-2023-46818

By nPm March 6, 2026Ethical Hacking, Hacking, Linux, Networking, Offsec, Python, Security, Tutorial, Walkthrough

Walkthrough of the machine called "CVE-2023-46818" in the OffSec Proving Grounds...don't watch unless you want help getting through the machine. This one is pretty simple and straightforward! https://youtu.be/UNiUKYcUGnE?si=XHvRqpUcOSsddSqY

Offsec Proving Grounds Walkthrough – Nukem

By nPm February 26, 2026Ethical Hacking, Hacking, Linux, Networking, Offsec, Python, Security, Tutorial, Walkthrough

Walkthrough of the machine called "Nukem" in the OffSec Proving Grounds...This is a Linux machine rated as intermediate, don't watch this unless you want help getting through the machine. Nukem is a blast from the past if you remember the old Id/Capcom software days...brought back some memories. In this machine…

Offsec Proving Grounds Walkthrough – Hepet

By nPm February 20, 2026Ethical Hacking, Hacking, Linux, msfvenom, Networking, Offsec, Python, Security, Tutorial, Walkthrough

Walkthrough of the machine called "Hepet" in the OffSec Proving Grounds...This is a Windows machine rated as intermediate, don't watch unless you want help getting through the machine. In this machine we exploit bad password practices with IMAP to get an initial foothold and then use PowerUp to determine that…

Offsec Proving Grounds Walkthrough – Nibbles

By nPm February 15, 2026Ethical Hacking, Hacking, Linux, Networking, Offsec, Python, Security, Tutorial, Walkthrough

Late posting this one. This is Walkthrough of the machine called "Nibbles" in the OffSec Proving Grounds...don't watch unless you want help getting through the machine. In this machine we abuse default creds in a postgres database, utilize and exploit to gain a shell and escalate using an incorrectly set…

Offsec Proving Grounds Walkthrough – Hutch

By nPm February 6, 2026Ethical Hacking, Hacking, Linux, Metasploit, Offsec, Python, Security, Tutorial, Walkthrough

Walkthrough of the machine called "Hutch" in the OffSec Proving Grounds...don't watch unless you want help getting through the machine. In this machine we ldapsearch to find credentials, we exploit WebDAV to upload and .aspx reverse shell. Once on the machine we use a python exploit to get the LAPS…

Hack the Box Walkthrough – Knife

By nPm January 23, 2026Ethical Hacking, Hacking, HTB, Linux, Networking, Python, Security, Tutorial, Walkthrough

This is a walkthrough of the Hack The Box machine called "Knife". It features the exploitation of PHP 8.1 using Wappalyzer and a python script RCE to get a shell, getting a better shell using busybox, and privesc by exploiting a binary due to dangerous sudo "no password" misconfiguration. I…

How to write a Windows 32-bit buffer overflow!

By nPm January 17, 2026Coding, Ethical Hacking, Hacking, Linux, msfvenom, Networking, Python, Security, Tutorial, Walkthrough

In this video we write a 32 bit buffer overflow together in python using tools like Immunity Debugger, Mona, and msfvenom. I show you how to: 1.) Fuzz the application 2.) Determine the offset 3.) Control the eip cpu register 4.) Determine your bad characters (manually and using Mona) 5.)…

Hack the Box Walkthrough – Data

By nPm January 14, 2026Ethical Hacking, Hacking, HTB, Linux, Python, Security, Tutorial, Walkthrough

This is a walkthrough of the Hack The Box machine called "Data". It features the exploitation of grafana using directory traversal, password cracking, and privesc by exploiting docker due to dangerous sudo "no password" misconfiguration. I learned a lot tackling this one. ***SPOILERS*** I show you how to pwn the…

Offsec Proving Grounds Walkthrough – Interface

By nPm January 11, 2026Ethical Hacking, Hacking, Linux, Networking, Node.js, Offsec, Python, Security, Tutorial, Walkthrough

This was a good one! This is a walkthrough of OffSec Proving Grounds machine "Interface". I haven't seen any walkthroughs of this machine out there. In this video we use hydra to brute force a node.js web application after using the browser's developer tools to discover API endpoints (user list).…

Offsec Proving Grounds Walkthrough – RussianDolls

By nPm January 4, 2026Ethical Hacking, Hacking, Linux, Networking, Offsec, Python, Security, Tutorial, Walkthrough

This is a walkthrough of OffSec Proving Grounds machine "RussianDolls". I haven't seen many, if any walkthroughs of this machine. I wrote a custom SSRF script to brute force ports (it could have been very simple, but I am a psychopath and over engineered it), link to Github in video…