
Showing posts with the label web browser

TryHackMe | Burp Suite: Repeater WriteUp

Learn how to use Repeater to duplicate requests in Burp Suite.

Link: https://tryhackme.com/room/burpsuiterepeater

Which view option displays the response in the same format as your browser would?
Render

Send the request. What is the flag you receive?

See if you can get the server to error out with a “500 Internal Server Error” code by changing the number at the end of the request to extreme inputs. What is the flag you receive when you cause a 500 error in the endpoint?

Exploit the union SQL injection vulnerability in the site. What is the flag?

That’s it! See you in the next room :)

TryHackMe | Walking An Application Walkthrough

Manually review a web application for security issues using only your browser's developer tools. Hacking with just your browser, no tools or scripts.

Link: https://tryhackme.com/room/walkinganapplication

Go to the website https://LAB_WEB_URL.p.thmlabs.com
Right click and view page source.

What is the flag from the HTML comment?
Go to /new-home-beta to find the flag.

What is the flag from the secret link?
Go to /secret-page

What is the directory listing flag?
Go to /assets and then read flag.txt

What is the framework flag?
Go to the above link.
Check the Change Log.
Go to /tmp.zip and download the file. It will have the flag.

What is the flag behind the paywall?
Follow the instructions mentioned to reveal the flag.

What is the flag behind the paywall?
Follow the instructions mentioned to reveal the flag.

What is the flag shown on the contact-msg network request?
Follow the instructions mentioned to reveal the flag.

That’s it. See you in the next Room :)

Eonrec